Microsoft fixes a major BitLocker bug… but leaves Windows 10 users hanging (for now)


BitLocker Update and Fixes

Last month, Windows Central highlighted a significant issue with the April 2026 Security Update (KB5083769) for Windows 11. This update inadvertently introduced a BitLocker-related glitch, which caused affected devices to boot directly into the BitLocker recovery screen, effectively locking users out of their systems. In response, my colleague Mauro Huculak crafted a detailed guide to help users navigate this challenge, suggesting either the reversal of the Group Policy configuration or the input of the recovery key when prompted.

Microsoft has since confirmed that this issue is not widespread, affecting only a limited number of Windows 10, Windows 11, and Windows Server devices with specific configurations involving BitLocker, PCR7, and Secure Boot settings. A fix has been rolled out, as reported by Bleeping Computer.

For those unfamiliar, BitLocker is a crucial security feature in Windows 11 that safeguards data by encrypting drives, thereby protecting sensitive information from unauthorized access. This feature is particularly vital in scenarios where a device may be lost or stolen, as it ensures that files remain inaccessible without the recovery key.

Earlier this week, Microsoft announced the release of a fix aimed at resolving the frustrating BitLocker issue that has left some users unable to access their PCs. However, it is important to note that this fix is currently available only for users operating Windows 11, version 25H2. Windows 10 and Windows Server users will have to wait a bit longer for a comprehensive solution.

“This update addresses an issue where some devices might enter BitLocker Recovery after updating boot files on systems with certain Trusted Platform Module (TPM) validation settings, including invalid PCR7 (Platform Configuration Register 7) configurations. This might occur after installing the April 2026 security update (KB5083769).” – Microsoft

While Microsoft continues to work on a permanent fix for all platforms, administrators are advised to remove the “Configure TPM platform validation profile for native UEFI firmware configurations” Group Policy configuration before downloading and installing the April 2026 Security Update (KB5083769) on their devices.
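
One way to check a device for this configuration before installing the update, as an added example that is not from the original article or from Microsoft. The registry path used to detect the policy is an assumption to verify against your own policy templates, and the manage-bde match assumes English-language output.

```powershell
# Added example. Run in an elevated PowerShell session on the device being checked.
# Assumption: registry key that backs the Group Policy setting named in the article.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE\OSPlatformValidation_UEFI'

function Get-UefiPcrPolicy {
    # Reports whether the policy is enabled and which PCR indices (0-23) it selects.
    $result = [pscustomobject]@{ Configured = $false; Indices = @() }
    if (Test-Path $policyKey) {
        $props = Get-ItemProperty -Path $policyKey
        if ($props.Enabled -eq 1) {
            $result.Configured = $true
            $result.Indices = @(0..23 | Where-Object { $props."$_" -eq 1 })
        }
    }
    $result
}

$policy = Get-UefiPcrPolicy
$vol    = Get-BitLockerVolume -MountPoint $env:SystemDrive

# A recovery password protector is what lets a user get past the recovery screen.
$hasRecovery = [bool]($vol.KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

# Confirm-SecureBootUEFI throws on legacy BIOS systems; treat that as "unknown".
try { $secureBoot = Confirm-SecureBootUEFI -ErrorAction Stop } catch { $secureBoot = $null }

[pscustomobject]@{
    Computer            = $env:COMPUTERNAME
    ProtectionStatus    = $vol.ProtectionStatus
    RecoveryPasswordSet = $hasRecovery
    SecureBootEnabled   = $secureBoot
    PcrPolicyConfigured = $policy.Configured
    PcrPolicyIndices    = $policy.Indices -join ', '
} | Format-List

# Effective profile sealed in the TPM protector (English-language output assumed).
manage-bde -protectors -get $env:SystemDrive |
    Select-String 'PCR Validation Profile' -Context 0,2

if ($policy.Configured) {
    Write-Warning 'TPM platform validation profile policy is set; interim guidance is to remove it before installing KB5083769.'
}
if (-not $hasRecovery) {
    Write-Warning 'No recovery password protector found; add one and back it up before updating.'
}
```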

New Features and Security Concerns

In more positive news, Microsoft is set to enhance user control over Windows updates by introducing a feature that allows indefinite pausing of updates. Additionally, users will soon have the ability to automatically roll back faulty drivers, a welcome development for many.

Meanwhile, in an intriguing turn of events, security researcher Chaotic Eclipse, also known as Nightmare-Eclipse, has reportedly managed to bypass Windows 11’s BitLocker security feature using a USB stick. This researcher shared a zero-day exploit named YellowKey, which enables access to locked files. The exploit can be activated by transferring certain files to a USB stick and rebooting into the Windows Recovery Environment. Tom’s Hardware confirmed the exploit’s effectiveness, noting its resemblance to a backdoor, with files disappearing from the USB stick after a single use.

This exploit appears to function across Windows Server 2022 and 2025, but not on Windows 10. Eclipse remarked, “I could have made some insane cash selling this, but no amount of money will stand between me and my determination against Microsoft.” For those interested, further details on the YellowKey zero-day exploit can be found on Tom’s Hardware.
