CVE-2024-43513: BitLocker Security Feature Bypass Vulnerability

Overview

Severity: Medium (CVSS 6.4)
CVSS Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Category: Security Feature Bypass
Exploit Status: Not Exploited
Exploitation Likelihood: Less Likely
Patch Tuesday: 2024-Oct
Released: 2024-10-08
EPSS Score: 0.34% (percentile: 57.1%)

FAQ

Is there a prerequisite for installing the security update?

Yes. For Windows Server 2012 R2 only, to apply this update you must have KB2919355 installed.

Are there additional steps that I need to take to be protected from this vulnerability?

Depending on the version of Windows you are running, you might need to take additional steps to update the Windows Recovery Environment (WinRE) to be protected from this vulnerability. For the latest versions of Windows, the process of updating WinRE is now fully automated.

The following versions of Windows require no additional steps, as WinRE will be updated as part of the Latest Cumulative Update if you are getting updates from Windows Update and WSUS:

  • Windows 11 Version 24H2 for x64-based Systems
  • Windows 11 Version 24H2 for ARM64-based Systems
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 11 Version 22H2 for ARM64-based Systems

For the following versions of Windows, the WinRE updates listed are available. These updates automatically apply the latest Safe OS Dynamic Update to WinRE from the running Windows OS:

  • Windows Server 2022 (Server Core installation) (KB5046399: Windows Recovery Environment update for Azure Stack HCI, version 22H2 and Windows Server 2022: October 8, 2024)
  • Windows Server 2022 (KB5046399: Windows Recovery Environment update for Azure Stack HCI, version 22H2 and Windows Server 2022: October 8, 2024)
  • Windows Server 2022, 23H2 Edition (Server Core installation) (KB5046399: Windows Recovery Environment update for Azure Stack HCI, version 22H2 and Windows Server 2022: October 8, 2024)
  • Windows 11 version 21H2 for x64-based Systems (KB5046398: Windows Recovery Environment update for Windows 11, version 21H2: October 8, 2024)
  • Windows 10 Version 22H2 for x64-based Systems (KB5046400: Windows Recovery Environment update for Windows 10, version 21H2 and 22H2: October 8, 2024)
  • Windows 10 Version 22H2 for 32-bit Syst
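The FAQ above leaves the administrator with two things to verify on each host: that the prerequisite KB is present on Server 2012 R2, and that the WinRE update KB listed for the host's Windows version is installed (or, on the Windows 11 releases where WinRE is serviced by the cumulative update, that WinRE is enabled and reporting a current image). The following PowerShell check is an added example and is not part of the advisory or of any Microsoft tooling; the KB-to-version mapping inside it is copied from the FAQ text, the function name Test-WinReUpdateStatus is hypothetical, and any Windows release the FAQ does not name is reported as "verify manually" rather than guessed.

```powershell
# Added example (not from the advisory): report whether the WinRE-related KBs named in the
# CVE-2024-43513 FAQ are present on this host and whether WinRE is enabled.
# Run in an elevated PowerShell session; reagentc requires administrator rights.

function Test-WinReUpdateStatus {
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $caption = $os.Caption
    # DisplayVersion (e.g. 21H2, 22H2) exists on Windows 10 20H2+ / Windows 11 / Server 2022;
    # older releases only carry ReleaseId, so fall back to that.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $version = if ($cv.DisplayVersion) { $cv.DisplayVersion } else { $cv.ReleaseId }

    # KB numbers below are the ones listed in the advisory FAQ (October 8, 2024).
    $requiredKbs = @()
    $autoWinRe = $false
    if ($caption -like '*Server 2012 R2*') {
        # Prerequisite for installing the security update itself on Server 2012 R2.
        $requiredKbs += 'KB2919355'
    }
    elseif ($caption -like '*Server 2022*') {
        $requiredKbs += 'KB5046399'
    }
    elseif ($caption -like '*Windows 11*' -and $version -eq '21H2') {
        $requiredKbs += 'KB5046398'
    }
    elseif ($caption -like '*Windows 11*' -and $version -in @('22H2', '23H2', '24H2')) {
        # Per the FAQ, WinRE is updated automatically by the Latest Cumulative Update here.
        $autoWinRe = $true
    }
    elseif ($caption -like '*Windows 10*' -and $version -in @('21H2', '22H2')) {
        $requiredKbs += 'KB5046400'
    }

    # Get-HotFix enumerates installed updates; filter rather than use -Id so a missing KB
    # does not produce an error record.
    $installed = Get-HotFix | Select-Object -ExpandProperty HotFixID
    $missing = @($requiredKbs | Where-Object { $_ -notin $installed })

    # reagentc /info prints the WinRE status; "Enabled" on the status line means WinRE is
    # configured. Output is text, so the check is a simple pattern match.
    $reInfo = (& reagentc /info 2>&1) -join "`n"
    $winReEnabled = $reInfo -match 'Windows RE status:\s+Enabled'

    [pscustomobject]@{
        Caption            = $caption
        Version            = $version
        RequiredKbs        = $requiredKbs
        MissingKbs         = $missing
        WinReAutoUpdated   = $autoWinRe
        WinReEnabled       = $winReEnabled
        Assessment         = if ($requiredKbs.Count -eq 0 -and -not $autoWinRe) { 'verify manually: version not listed in FAQ' }
                             elseif ($missing.Count -gt 0) { 'action needed: install ' + ($missing -join ', ') }
                             elseif (-not $winReEnabled) { 'action needed: WinRE is not enabled, update cannot be applied to it' }
                             else { 'ok' }
    }
}

Test-WinReUpdateStatus | Format-List
```

The Assessment field is deliberately conservative: a host whose release string does not match one of the FAQ's entries is flagged for manual review instead of being assumed covered, and a disabled WinRE is reported as an action item because the Safe OS Dynamic Update cannot be applied to a recovery image that is not configured.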

Affected Products (29)

Windows

  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2019
  • Windows Server 2019 (Server Core installation)
  • Windows Server 2022
  • Windows Server 2022 (Server Core installation)
  • Windows 11 version 21H2 for x64-based Systems
  • Windows 11 version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows Server 2022, 23H2 Edition (Server Core installation)
  • Windows 11 Version 24H2 for ARM64-based Systems
  • Windows 11 Version 24H2 for x64-based Systems
  • Windows 10 for 32-bit Systems
  • Windows 10 for x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows Server 2016
  • Windows Server 2016 (Server Core installation)

ESU

  • Windows Server 2012 R2
  • Windows Server 2012 R2 (Server Core installation)

Security Updates (9)

Acknowledgments

Maxim Suhanov (https://dfir.ru/) with CICADA8 (https://cicada8.ru/)

Revision History

  • 2024-10-08: Information published.