MS15-122 Security Update for Kerberos to Address Security Feature Bypass (Bitlocker)

This security resolves a feature bypass in Windows. An attacker could bypass Kerberos authentication on a target machine and decrypt drives protected by BitLocker. The bypass can be exploited only if the target system has enabled without a PIN or key, the computer is domain-joined, and the attacker has physical access to the computer.

This security is rated Important for all supported editions of Windows. For more information, see the Affected Software section.

The addresses the bypass by adding an additional authentication check that will run prior to a password change. For more information about the vulnerability, see the Information section.

For more information about this update, see Knowledge Base Article 3105256.

Translate »
%d bloggers like this: