Microsoft confirms May Windows 10 updates trigger BitLocker recovery



Microsoft has confirmed that some Windows 10 and Windows 10 Enterprise LTSC 2021 systems will boot into BitLocker recovery after installing the May 2025 security updates.

The BitLocker Windows security feature encrypts storage drives to prevent data theft, and Windows computers typically enter BitLocker recovery mode after events like TPM (Trusted Platform Module) updates or hardware changes to regain access to protected drives.

Today, Microsoft confirmed the issue and said it’s investigating reports that “a small number” of Windows 10 PCs display BitLocker recovery screens after installing the KB5058379 update.

“On affected devices, upon installing the update, Windows might fail to start enough times to trigger an Automatic Repair. On devices with BitLocker enabled, BitLocker requires the input of your BitLocker recovery key to initiate an Automatic Repair,” the company said in a Windows release health update.

Impacted users who check the Windows Event Viewer will also see LSASS errors and installation failure events with 0x800F0845 errors in the System event log. Additionally, while some devices will enter a BitLocker recovery loop after Startup Repair fails to initiate an automatic repair, others will successfully roll back to the previously installed update after several attempts to install KB5058379.

You can retrieve the BitLocker recovery key by logging into the BitLocker recovery screen portal with your Microsoft account. This support page provides further details on how to find the recovery key in Windows.
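
For admins triaging a device that still boots, the checks described above can be scripted. The PowerShell below is an added example, not code from Microsoft or the original article; it matches on event message text rather than assuming specific event IDs, and the 14-day look-back window is an assumption.

```powershell
# Added example; run from an elevated PowerShell prompt on the Windows 10 device.
$kb   = 'KB5058379'     # update named in the article
$code = '0x800F0845'    # error code named in the article
$days = 14              # assumption: look-back window, adjust as needed

# 1. Is the update currently installed? It may be absent after an automatic rollback.
$hotfix = Get-HotFix -Id $kb -ErrorAction SilentlyContinue

# 2. System log events that mention the error code, the KB, or LSASS.
#    Filtering on message text avoids assuming particular event IDs or providers.
$filter = @{ LogName = 'System'; StartTime = (Get-Date).AddDays(-$days) }
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match "$code|$kb|lsass" } |
    Select-Object TimeCreated, ProviderName, Id, LevelDisplayName

# 3. BitLocker state of the OS volume and the IDs of its recovery-password protectors.
#    Only the protector ID is reported, so it can be compared with the key stored in
#    the Microsoft account or directory without printing the recovery password itself.
$vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue
$recoveryIds = @($vol.KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' } |
    ForEach-Object { $_.KeyProtectorId })

# Summary object, suitable for Export-Csv when collected from several machines.
[pscustomobject]@{
    Computer           = $env:COMPUTERNAME
    UpdateInstalled    = [bool]$hotfix
    InstalledOn        = $hotfix.InstalledOn
    MatchingEvents     = @($events).Count
    ProtectionStatus   = $vol.ProtectionStatus
    RecoveryProtectors = $recoveryIds -join ', '
}

# Detail of the matching events, newest first (Get-WinEvent's default order).
$events | Format-Table -AutoSize
```

An empty `RecoveryProtectors` value on a volume with protection on means no recovery password exists to be retrieved, which is worth resolving before the device's next reboot.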

Microsoft says it’s investigating the issue and will provide an update once more information regarding the root cause becomes available.

BitLocker recovery screen (Microsoft)

Microsoft’s acknowledgment of this issue comes after many Windows users and admins reported seeing devices unexpectedly enter the Windows Recovery Environment (WinRE) and display a BitLocker recovery screen after installing the KB5058379 cumulative update released as part of the May 2025 Patch Tuesday.

Currently, these reports point to a wide variety of system configurations and devices from Lenovo, Dell, and HP being affected, so it’s unclear if this is caused by a specific hardware or software issue.

“The latest KB5058379 released May 13 quality update failed in Windows 10 devices. Some devices it caused triggering bitlocker key window after restart,” one user said on Microsoft’s forums.

“We have about a half dozen laptops that experienced various intermittent issues after receiving the same KB – some require bitlocker keys to start up, others refusing to start at all,” a Windows admin added on Reddit.

According to some, reviving impacted systems stuck at a BitLocker recovery prompt might be possible by disabling Intel Trusted Execution Technology (TXT) in the BIOS.

In August 2024, Microsoft fixed another issue that triggered BitLocker recovery prompts on Windows 10, Windows 11, and Windows Server systems after installing the July 2024 Windows security updates.

Two years earlier, in August 2022, Windows devices were impacted by similar issues after the KB5012170 security update caused some devices to boot into the BitLocker recovery screen.
