An attacker with physical access can abruptly restart the device and dump RAM, as analysis of this memory may reveal FVEK keys from recently running Windows instances, compromising data encryption.

The effectiveness of this attack is, however, limited because the data stored in RAM degrades rapidly after the power is cut off.

  • fmstrat@lemmy.nowsci.com
    2 days ago

    Not the default at any company I’ve been at. What’s the point of encryption if it’s unlocked right away? Whoever’s doing that deserves this exploit. However, since that’s factually correct I’ll edit my original comment to add in:

    unless you use a TPM with no pin/password, which is dumb

    • sugar_in_your_tea@sh.itjust.works
      2 days ago

      Exactly.

      I don’t use BitLocker, but I do use FDE on Linux, and I use a password at the bootloader level. Why would I bother with all the downsides of FDE if it isn’t actually secured by a password?