Microsoft Disables BitLocker Fix Due to Firmware Incompatibility Issues

Microsoft has temporarily disabled a security fix for a BitLocker vulnerability due to firmware incompatibility issues that caused Windows devices to enter recovery mode after patching. The vulnerability, tracked as CVE-2024-38058, allows attackers with physical access to bypass the encryption feature and access data.

In an update, Microsoft explained that customers who applied the fix reported firmware incompatibility issues, leading the company to disable the fix. Instead, users must apply manual mitigation measures outlined in KB5025885. This process involves a 4-stage procedure that requires restarting the device eight times.

Microsoft warns that once the mitigation has been applied on a device with Secure Boot enabled, it cannot be removed, even by reformatting the disk. The company advises users to test thoroughly before deploying the revocations to their devices.

During this month’s Patch Tuesday, Microsoft also fixed an issue triggered by July’s Windows security updates, which caused some devices to boot into BitLocker recovery mode. While this matches the firmware incompatibility issues that forced Microsoft to disable the CVE-2024-38058 fix, the company did not provide information on the root cause or on how it addressed the issue.

Microsoft only advised affected customers to install the latest update for their devices, which contains important improvements and issue resolutions.

Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-bitlocker-security-fix-advises-manual-mitigation/