Use PATCH Graph API Command - Block Bitlocker Recovery Key Information from Users

preview_player
Показать описание
👉Use PATCH Graph API Command - Block Bitlocker Recovery Key Information from Users #MSGraph #AzureAD #Bitlocker #msintune

➡️Use GET and PATCH Graph API commands to get the permission details of end users to view the Bitlocker recovery key of their own devices.

➡️allowedToReadBitlockerKeysForOwnedDevice: TRUE - Read Permission is granted to End-Users. Users can view Bitlocker Key.

➡️allowedToReadBitlockerKeysForOwnedDevice”: FALSE - Read Permission is NOT granted to End-Users. The BitLocker key is blocked or hidden from End-Users.

➡️Let’s see how to block or Hide Bitlocker Recovery Key from users. Microsoft recently added support to hide recovery keys from end-users.

➡️This helps to improve the security poster of the devices and restricts an attacker from getting Bitlocker encryption keys from Windows laptops.

➡️An attacker can abuse these recovery keys with access to the machine or end user since everyone has read permissions on icacls.

➡️A privilege escalation is possible by reconnecting the disk to another computer and changing files to achieve persistence and higher privileges.

======================================

More Blog posts related to SCCM/Intune/Windows 11/Cloud PC/AVD/Hyper-V/Cloud/IT Pro/Azure -

#CloudPC #Windows365 #W365

#SCCM #ConfigMgr #SCCMVideos #SCCMTutorials #SCCMStudyVideos #SCCMFreeTraining #SCCMTraining #HowtoManageDevices

#Intune #MicrosoftIntune #IntuneVideos #IntuneTutorials #IntuneGuide #IntuneStudy #MSIntune #IntuneTraining #HowtoManageDevices
  1. HTMD Community
  2. SCCM
  3. Intune
  4. Windows 11
  5. AVD
  6. Cloud PC
Рекомендации по теме
Start calling the 0:05:29

Start calling the Microsoft Graph API in under 5 minutes! | Tips & Tricks

Use PATCH Graph 0:08:49

Use PATCH Graph API Command - Block Bitlocker Recovery Key Information from Users

Navigating Microsoft Graph 1:29:26

Navigating Microsoft Graph API with Microsoft Graph SDK - Patch My PC Webinar

Managing with Microsoft 0:33:21

Managing with Microsoft Graph (and PowerShell)

Microsoft Graph API 0:02:42

Microsoft Graph API permission to patch Application

Microsoft Graph API 0:21:27

Microsoft Graph API | Detailed Tutorial

Automatic Patch Management 0:18:43

Automatic Patch Management for Windows 365 Cloud PC without any additional cost? Office Patching?

Planner APIs in 0:16:20

Planner APIs in Microsoft Graph

Navigate the Microsoft 0:41:54

Navigate the Microsoft Graph API with PowerShell

Intune Third-Party Patch 0:29:40

Intune Third-Party Patch Management and Application Management Install Guide for Patch My PC

Access User Data 0:48:17

Access User Data from Microsoft Graph

From zero to 0:47:30

From zero to hero with Microsoft Graph API – July 2021

New Inbuilt Windows 0:01:01

New Inbuilt Windows LAPs client | Released as part of April 2023 Patch Tuesday | Azure AD and AD

Growing up Pentecostal... 0:00:15

Growing up Pentecostal... #short

Patch My PC 0:32:54

Patch My PC Intune App Management Solution - Complete Review

Getting Started with 0:07:55

Getting Started with Microsoft Graph and Excel

MY REAL EYEBALL 0:00:21

MY REAL EYEBALL 😳 #shorts

My Jobs Before 0:00:15

My Jobs Before I was a Project Manager

GraphSPD: Graph-Based Security 0:17:07

GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics

Advanced Tuning and 0:43:18

Advanced Tuning and Operation Guide for Block Storage Using Ceph

Why use git 0:00:59

Why use git patch to test a PR from a GitHub Fork #Shorts

Change notifications with 0:49:14

Change notifications with Microsoft Graph - June 2019

Calling REST with 0:16:05

Calling REST with PowerShell

Patch My PC 0:16:34

Patch My PC Publisher Setup for Microsoft Intune Win32 Application Management (Outdated Version)

Комментарии
Автор

Is there an method how you can remove the recovery key or disable it completly? Or maybe change it locally so it is not stored by microsoft? The only security problem I think in Bitlocker is this recovery key...

ChesterHunting