You can run the following script against an SCCM collection to identify a system’s Bitlocker encryption method. This will help you find any computers that may be vulnerable to ADV180028.
Note: Your system may be vulnerable if your encryption method is set to Hardware Encryption!
$EncryptionMethod = manage-bde -status C: | Where-Object {$_ -match "Encryption Method"} If ($EncryptionMethod -ne $Null) { $EncryptionMethod = $EncryptionMethod.Split(":")[1].trim() } Else { $EncryptionMethod = "Encryption Method not found" } $EncryptionMethod
Learn more about ADV180028 here.
Learn how to deploy scripts in SCCM here.