BitLocker bypass: the reality of downgrade attacks
ID: a223d624-7114-5f07-894e-bd461f57a8ef
STIX ID: report--a223d624-7114-5f07-894e-bd461f57a8ef
Feed Name: Intrinsec Blog
In July 2025, Microsoft disclosed CVE-2025-48804 (“BitUnlocker”), a boot-time vulnerability chain that lets an attacker with physical access serve an older, signed boot manager and a tampered SDI/WinRE image to bypass BitLocker and obtain a decrypted OS volume. Microsoft patched the boot manager, but because Secure Boot validation is certificate-based, old signed binaries (PCA 2011) remain acceptable until certificate revocation or migration is performed. The authors provide a practical USB/PXE PoC and mitigation recommendations: a BitLocker PIN, plus migrating to CA 2023 and revoking PCA 2011 via KB5025885.
