vulnerability
Microsoft CVE-2018-8566: BitLocker Security Feature Bypass Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Nov 13, 2018 | Nov 27, 2018 | Nov 18, 2021 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Nov 13, 2018
Added
Nov 27, 2018
Modified
Nov 18, 2021
Description
A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data.
To exploit the vulnerability, an attacker must gain physical access to the target system prior to the next system reboot.
The security update fixes the vulnerability by ensuring Windows resumes BitLocker Device Encryption.
Solutions
msft-kb4465659-49e4b54d-abe8-41ae-aa38-9e4e1f57ff58msft-kb4465659-bd666ee7-d43a-4d77-af05-df1e7628c070msft-kb4465659-c70eb99d-990e-4fd7-a60c-d4a928f6dd42msft-kb4465660-699924c3-c5e6-4f88-8d61-6a02095fd2af-cve-2018-8566msft-kb4465660-a68bb9e0-2743-44f0-9354-b330ceb93781-cve-2018-8566msft-kb4465661-195f91a3-8d9a-43e2-a325-21706b283579msft-kb4465661-9c0e9ff1-c226-4d85-a378-c1d63f84a3famsft-kb4465661-f1139512-e991-4618-8b13-eb5a1d1bc38dmsft-kb4465663-1566933e-f3ed-4872-bf7f-305f1d72cf55msft-kb4465663-2dd3f456-d276-4a4a-a2d7-20f17f70de68msft-kb4465663-8016e08a-57fe-47d0-ad62-013a1c7f60dcmsft-kb4465664-25c837cd-f6b4-403d-97f1-f6c27137bbbamsft-kb4465664-503f62f9-2426-4f40-bf69-a103191ff5cc
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.