
Windows built-in data wiping tool is leaving behind sensitive information

Originally posted on techspot.

What is your data wiping strategy?

In brief: Windows users looking to run Microsoft’s Intune disk wipe function might want to reconsider. Microsoft MVP Rudy Ooms recently discovered that performing a remote or local wipe on Windows 10 21H2 or Windows 11 21H2 leaves behind personal data in the Windows.old folder.

According to Microsoft, performing the wipe function “removes all personal and company data and settings” from a device.

Upon further testing, Ooms found the operation did work as advertised with Windows version 21H1 but not 21H2. Worse yet, it didn’t take much work to be able to read the left-behind files and access potentially sensitive data as BitLocker protection is also removed. Not good.

Ooms created a PowerShell script to address the issue until Microsoft can introduce a formal patch. It’s available to download in his blog post on the issue should you be interested.
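A post-wipe check for the two conditions described above (files surviving under Windows.old and BitLocker protection being off) can be run on a device before it is handed on. The following is an added example, not Ooms's script and not Microsoft code; the function name `Test-WipeResidue`, the `C:` drive letter and the `Windows.old\Users` location it inspects are assumptions. It only reports and does not delete anything.

```powershell
# Added example: post-wipe audit (reports only, removes nothing).
# Assumptions: the OS volume is C: and leftover data, if any, sits under
# <drive>\Windows.old\Users. Run from an elevated prompt.
function Test-WipeResidue {
    [CmdletBinding()]
    param(
        [string]$Drive = 'C:'   # assumption: system volume letter
    )

    $oldRoot  = Join-Path "$Drive\" 'Windows.old'
    $oldUsers = Join-Path $oldRoot 'Users'
    $profiles = @()

    if (Test-Path -LiteralPath $oldUsers) {
        $profiles = Get-ChildItem -LiteralPath $oldUsers -Directory -Force -ErrorAction SilentlyContinue |
            # Skip junctions such as "All Users" so other trees are not counted.
            Where-Object { -not ($_.Attributes -band [IO.FileAttributes]::ReparsePoint) } |
            ForEach-Object {
                # -Force includes hidden and system files in the count.
                $files = @(Get-ChildItem -LiteralPath $_.FullName -Recurse -File -Force -ErrorAction SilentlyContinue)
                $bytes = 0
                foreach ($f in $files) { $bytes += $f.Length }
                [pscustomobject]@{
                    Profile   = $_.Name
                    FileCount = $files.Count
                    SizeMB    = [math]::Round($bytes / 1MB, 1)
                }
            }
    }

    # BitLocker state of the volume; needs elevation and the BitLocker module.
    $bitLocker = 'Unknown'
    try {
        $bitLocker = (Get-BitLockerVolume -MountPoint $Drive -ErrorAction Stop).ProtectionStatus
    } catch {
        Write-Verbose "Get-BitLockerVolume failed: $($_.Exception.Message)"
    }

    [pscustomobject]@{
        WindowsOldPresent = Test-Path -LiteralPath $oldRoot
        LeftoverProfiles  = $profiles
        BitLockerStatus   = "$bitLocker"
        # The device fails the check if any file survived under the old Users tree.
        Passed            = -not ($profiles | Where-Object { $_.FileCount -gt 0 })
    }
}

Test-WipeResidue | Format-List
```

A result with `Passed` set to `False` alongside a `BitLockerStatus` of `Off` matches the situation the article describes: readable user files on an unprotected volume.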

The fiasco brings up a good question. We’ve discussed data backup strategies in the past, but what is your data wiping strategy? Do you rely on software tools to wipe and repurpose or take a hardware-centric approach?

I personally have no problem with handing down old hardware, but I always pull the storage drive and replace it with a new unit as it’s just not worth the risk in my opinion. Once I’m certain I’ve backed up everything I need, I’ll format the old drive before physically destroying it.

Source: techspot
