Try our new Certificate Revocation List Check Tool
CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.
Category published:  Deployment GPO | Gruppenrichtlinien Hotfixes, Updates Scripting W10   Click on the Category button to get more articles regarding that product.

Samsung SSD + Bitlocker leak

Posted by admin on 08.11.2018

Check if you are affected by the 11/2018 SSD Bitlocker Leak.

ADV180028 | Guidance for configuring BitLocker to enforce software encryption

Security Advisory, Published: 06.11.2018

Producer: Samsung and Crucial

Affected models proof: Crucial MX100, MX200, MX300, Samsung EVO 840, 850, Samsung External USB T3/T5

There is a leak with certain SSD Hard disk (Solid-state) together with Microsoft Bitlocker. If you ONLY use software encryption you should not be affected.

There is a limited possibility then that the producer of the SSD disk still does encryption without feeding that info upwards to the OS but as we understood those are really a small size of disk.

Original text Microsoft in Advisory:

Microsoft is aware of reports of vulnerabilities in the hardware encryption of certain self-encrypting drives (SEDs). Customers concerned about this issue should consider using the software only encryption provided by BitLocker Drive Encryption.

On Windows computers with self-encrypting drives, BitLocker Drive Encryption manages encryption and will use hardware encryption by default. Administrators who want to force software encryption on computers with self-encrypting drives can accomplish this by deploying a Group Policy to override the default behavior. Windows will consult Group Policy to enforce software encryption only at the time of enabling BitLocker.

Advisory Microsoft

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180028

https://redmondmag.com/articles/2018/11/06/microsoft-ssd-security-advisory.aspx

Germans Ct Heise security Magazine

https://www.heise.de/security/meldung/Daten-von-einigen-selbstverschluesselnden-SSDs-ohne-Passwort-einsehbar-4212191.html

SC Magazine

https://www.scmagazineuk.com/ssd-encryption-security-failures-revealed-researchers/article/1498191

Samsung

https://www.samsung.com/semiconductor/minisite/ssd/support/consumer-notice/

Niederlande University

https://www.ru.nl/icis/news/recent_news/@1181122/radboud-university-researchers-discover-security/

https://www.ru.nl/publish/pages/909282/draft-paper.pdf


Here is how to check if you are affected:

Run elevated (Run as administrator)

Manage-bde.exe –status

This client is NOT affected since there is no Hardware Encryption:


Possible affected client (Check further if SSD model is affected)




 Category published:  Deployment GPO | Gruppenrichtlinien Hotfixes, Updates Scripting W10   Click on the Category button to get more articles regarding that product.

Related Post

Crowdstrike Falcon, BSOD, VMWARE Server Recovery DEU

Falcon Sensor, Bluescreen of Death Vmware workaround if you can’t boot into recovery

Proxy settings der Cryptography API bei Zertifikatswiderrufslisten (CRL) von einem CRL-Verteilungspunkt

Template theme: Newsup by Themeansar (External Link, you will leave www.butsch.ch).