recovery screen Archives

Winsage

May 15, 2026

Microsoft fixes a major BitLocker bug… but leaves Windows 10 users hanging (for now)

Microsoft confirmed a BitLocker-related issue caused by the April 2026 Security Update (KB5083769) for Windows 11, which led some devices to boot into the BitLocker recovery screen. A fix has been released, but it is currently available only for Windows 11, version 25H2, with Windows 10 and Windows Server users awaiting a solution. Administrators are advised to remove the "Configure TPM platform validation profile for native UEFI firmware configurations" Group Policy setting before installing the April 2026 update. Additionally, a security researcher named Chaotic Eclipse has developed a zero-day exploit called YellowKey, which can bypass BitLocker security using a USB stick, affecting Windows Server 2022 and 2025 but not Windows 10.

Winsage

May 14, 2026

‘Avoid Disruption’—Microsoft Updates Windows Before June Deadline

Microsoft has released a security update for Windows 10 users, identified as KB5087544, which includes dynamic status reporting for Secure Boot states. Secure Boot certificates, in place for 15 years, are set to expire next month, and Microsoft advises users to update their certificates to avoid security risks. All Windows 10 PCs will require new certificates, but only those in the Extended Security Updates (ESU) program will be eligible for the update. Most Windows 11 devices will also need new certificates, except those purchased in the last two years. Failure to install the new certificates may affect device boot security. The update also addresses a security warning related to Remote Desktop Connection and may prompt some users to enter a BitLocker recovery key after restarting. New certificates will only be issued to devices that show successful update signals, and users should upgrade their Windows Security App to address potential issues. Notifications will be sent once new Secure Boot certificates are installed.

Winsage

April 16, 2026

Microsoft April Update Forces BitLocker Recovery on Servers

A recent Microsoft security update, April 2026 KB5082063, has caused issues for administrators of Windows Server 2025 and Windows 11 systems, with many devices entering BitLocker recovery mode after reboot, requiring a 48-digit recovery key. This issue primarily affects enterprise-managed systems with specific TPM Group Policy settings involving PCR7 validation. Similar problems have been reported with updates KB5083769 and KB5082052 on Windows 11. The issue arises from five conditions: BitLocker must be enabled on the OS drive, the Group Policy must include PCR7, the msinfo32.exe tool must show Secure Boot State PCR7 Binding as “Not Possible,” the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft suggests two workarounds: removing the TPM validation Group Policy before the update and re-enabling BitLocker, or applying a Known Issue Rollback (KIR) before installation. Skipping the April updates is not advisable due to the addressing of 167 vulnerabilities, including two zero-days. BitLocker recovery issues following updates have been recurring since 2022, with similar incidents reported in August 2022, August 2024, and May 2025, indicating ongoing challenges with Secure Boot certificates and TPM validation bindings in enterprise environments.

Winsage

April 16, 2026

Microsoft: April updates trigger BitLocker key prompts on some servers

Microsoft announced that certain Windows Server 2025 devices may experience a BitLocker recovery prompt after installing the April 2026 KB5082063 Windows security update. The recovery mode will be triggered under specific conditions: BitLocker must be enabled on the operating system drive, the Group Policy for TPM validation must be configured with PCR7, the Secure Boot State PCR7 Binding must indicate "Not Possible," the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft stated that this issue is unlikely to affect personal devices, as the configurations are mainly found in enterprise-managed systems. They are working on a resolution and recommend administrators remove the Group Policy configuration before deploying the update. If removal is not possible, applying a Known Issue Rollback (KIR) is advised to prevent triggering the recovery prompt. Microsoft has previously addressed similar BitLocker recovery prompt issues in May 2025, August 2024, and August 2022.

Winsage

April 15, 2026

Microsoft releases Windows 10 KB5082200 extended security update

Microsoft has released the Windows 10 KB5082200 extended security update, addressing vulnerabilities from the April 2026 Patch Tuesday, including two critical zero-day flaws. The update enhances security with new protections against phishing attacks using Remote Desktop Protocol (.rdp) files and provides updated indicators in Windows Security for new Secure Boot certificates. Users can install the update by checking for updates in the Windows Update settings. After installation, Windows 10 will upgrade to build 19045.7184, and Windows 10 Enterprise LTSC 2021 will transition to build 19044.7184. The update resolves a total of 167 vulnerabilities, including two significant zero-day issues, and includes fixes for signing into Microsoft apps, enhanced Remote Desktop security, dynamic Secure Boot status reporting, and issues affecting Intel-based devices with Connected Standby. Microsoft is also rolling out new Secure Boot certificates to replace older ones expiring in June 2026, with no known issues reported for this update.

Winsage

November 7, 2025

Surprise! A Windows BitLocker bug has returned to ruin your reboot — here’s how to get around it

Windows 11 and Windows 10 users are experiencing a recurring bug related to BitLocker, which has reappeared after Microsoft's October security updates. Microsoft has acknowledged this issue within its Microsoft 365 Business and Windows 11 Enterprise channels, particularly affecting systems using Modern Standby. A fix is being deployed, and organizations impacted by the bug are advised to use the Known Issue Rollback tool as a temporary workaround. Users encountering the BitLocker recovery screen can retrieve their recovery key from their Microsoft account at aka.ms/myrecoverykey. Additionally, recent updates have introduced various bugs, including disruptions to the "Reset my PC" feature and issues with localhost connections and the Windows Recovery Environment. Microsoft is actively working to address these bugs.

Winsage

November 6, 2025

Latest Windows Updates Trigger BitLocker Recovery

Microsoft has warned that its October 2025 security update may cause a BitLocker recovery prompt on certain systems, particularly affecting devices running Windows 10 version 22H2 and Windows 11 versions 25H2 and 24H2. BitLocker, a security feature in Windows, encrypts drive contents to protect against unauthorized access. The issue arises when some devices inadvertently enter BitLocker recovery mode during startup. This is especially common with Intel-based devices that support Connected Standby. Affected users may need to enter a recovery key once, after which the device should boot normally. Microsoft has provided a fix that administrators must manually deploy, and users without their recovery key risk losing data. They are advised to try retrieving the key through their Microsoft account.

Winsage

November 6, 2025

I’m exhausted by incessant Windows 11 bugs – and the return of the BitLocker recovery glitch is an ugly sight

Microsoft has acknowledged a new issue affecting Windows 10 and Windows 11 users related to the BitLocker encryption feature, causing unexpected booting into BitLocker recovery mode, particularly for users unaware of their encryption key. This problem primarily impacts Windows 11 versions 25H2 and 24H2, and Windows 10 version 22H2, with Intel-based systems being the most affected. Users are advised to ensure their encryption key is available or consider disabling BitLocker due to the frequency of issues. Microsoft has indicated that this bug should not result in data corruption.

Winsage

November 6, 2025

Windows security update triggers BitLocker recovery in some systems — bug mostly impacts Intel PCs with Modern Standby support

Microsoft has issued a service alert regarding the October 2025 Windows security update, warning that it may trigger BitLocker recovery on certain systems, specifically those running Windows 11 versions 24H2 and 25H2, as well as Windows 10 version 22H2. Affected devices may boot into the BitLocker recovery screen after installing updates released on or after October 14, 2025, requiring users to enter their recovery key. Similar issues have occurred in previous updates in May 2023, 2024, and 2022. Users should verify if BitLocker is enabled and retrieve their recovery key from their Microsoft account if needed. BitLocker is a security feature that protects data but can complicate access to local accounts if activated unexpectedly.

Winsage

November 5, 2025

Microsoft warns Windows 11 25H2, 24H2 October update triggers BitLocker recovery on PCs for businesses

Microsoft has acknowledged a significant issue affecting users of BitLocker on Windows 11 versions 25H2 and 24H2, as well as Windows 10, which may prompt users to enter their BitLocker recovery key during startup, risking data loss if the key is not available. The problem arises after installing Windows Updates released on or after October 14, 2025, and predominantly affects Intel-based PCs with the "Connected Standby" feature. Affected users can check if BitLocker is enabled by navigating to Settings > System > Storage > Disk & Volumes. Microsoft is rolling out a fix, but business users must manually deploy it. Users are advised to back up their BitLocker recovery keys to their Microsoft accounts.