1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Microsoft downplays BitLocker password leakage

Discussion in 'News' started by wagnerk, Sep 3, 2008.

  1. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,831
    357
    341

    Microsoft downplays BitLocker password leakage



    Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is “very unlikely.”

    According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

    Read the whole story here.

    -Ken
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: PGDip
porta2_tags:

Comments

    Share This Page