Hacker News

There's potentially a huge issue here for people using BitLocker with on-prem AD, because they'll need the BitLocker recovery keys for each endpoint to go in and fix it.

And if all those recovery keys are stored in AD (as they usually are), and the Domain Controllers all had Crowdstrike on them...




Bitlocker keys are apparently not necessary: https://x.com/AttilaBubby/status/1814216589559861673


It might work on some machines, but I doubt it will work on the rest. Worth a try.


This is the best definition of "single point of failure" I have ever seen.


Assuming that they also have a regular Bitlocker password, there's hope with a bit of manual effort. https://news.ycombinator.com/item?id=41003893


Most of the large deployments I've seen don't use pre-boot PINs, because of the difficulty of managing them with users - they just use TPM and occasionally network unlock.

So might save a few people, but I suspect not many.


Yeah but TPM-only Bitlocker shouldn't be affected anyway by this issue, these machines should start up just fine.

Whoever only has AD-based Bitlocker encryption is straight up fucked. Man, and that on a Friday.


That's the easy part? Just do the domain controller first?


I got around BitLocker and booted into safe mode by setting automatic boot to safe mode via bcdedit https://blog.vladovince.com/mitigating-the-crowdstrike-outag...



