Cool #38c3 talk about bypassing #BitLocker in TPM only mode. A downgrade attack allows you to exploit "bitpixie" again.

https://media.ccc.de/v/38c3-windows-bitlocker-screwed-without-a-screwdriver

PXE Boot → boot downgraded/vulnerable #Windows boot loader → decrypt disk using TPM → reboot → key stays in memory → boot Linux → read key

#pentest