UEFI Archives

Winsage

May 26, 2026

Why Hyper-V Breaks Emulators on Windows 11 (And the Fix)

Enabling Hyper-V on Windows 11 can cause applications like BlueStacks or VirtualBox to lag or fail to launch due to conflicts with CPU virtualization extensions (VT-x/AMD-V). Hyper-V is a Type-1 hypervisor that monopolizes these resources, preventing Type-2 hypervisors from accessing them directly. Common issues include error messages from BlueStacks, LDPlayer, VirtualBox, VMware, and Android Studio related to virtualization availability. To check if Hyper-V is enabled, users can use Task Manager, System Information, Windows Features, Command Prompt, or PowerShell. Disabling Hyper-V can be done through various methods, including unchecking it in Windows Features, using PowerShell, the bcdedit command, or modifying BIOS settings. However, disabling Hyper-V also stops functionalities like WSL2 and Memory Integrity. Some modern emulators, such as BlueStacks and VMware Workstation Pro, have adapted to work alongside Hyper-V, while VirtualBox's compatibility remains experimental. For optimal emulator performance, users should allocate appropriate CPU cores and RAM, ensure virtualization is enabled in BIOS, enable GPU acceleration, and set the Windows power plan to "Best performance." If issues persist, users should confirm Hyper-V is off, check BIOS settings, and reset emulator configurations.

Winsage

May 24, 2026

Windows Secure Boot certificates start expiring June 24

Windows Secure Boot is a feature of the Unified Extensible Firmware Interface (UEFI) specification that enhances system security by ensuring only trusted software is loaded during the startup sequence. It verifies the digital signatures of boot components to protect against malicious software and unauthorized access. Key aspects include enhanced security by preventing untrusted code execution, compatibility with various hardware and software configurations, and user control over Secure Boot settings for customization.

Winsage

May 15, 2026

Microsoft fixes a major BitLocker bug… but leaves Windows 10 users hanging (for now)

Microsoft confirmed a BitLocker-related issue caused by the April 2026 Security Update (KB5083769) for Windows 11, which led some devices to boot into the BitLocker recovery screen. A fix has been released, but it is currently available only for Windows 11, version 25H2, with Windows 10 and Windows Server users awaiting a solution. Administrators are advised to remove the "Configure TPM platform validation profile for native UEFI firmware configurations" Group Policy setting before installing the April 2026 update. Additionally, a security researcher named Chaotic Eclipse has developed a zero-day exploit called YellowKey, which can bypass BitLocker security using a USB stick, affecting Windows Server 2022 and 2025 but not Windows 10.

Winsage

May 13, 2026

Microsoft releases Windows 10 KB5087544 extended security update

Microsoft has released the Windows 10 KB5087544 extended security update, which addresses vulnerabilities identified during the May 2026 Patch Tuesday and resolves issues related to Remote Desktop warnings. Users on Windows 10 Enterprise LTSC or enrolled in the ESU program can install it via Settings under Windows Update. The update upgrades Windows 10 to build 19045.7291 and Windows 10 Enterprise LTSC 2021 to build 19044.7291. The update focuses on security enhancements and bug fixes, addressing 120 vulnerabilities. Key fixes include resolving incorrect Remote Desktop security warning dialogs in multi-monitor setups, introducing dynamic status reporting for Secure Boot, and adjusting Daylight Savings Time for Egypt. A known issue may require users to input their BitLocker recovery key after installation, affecting systems with specific BitLocker Group Policy configurations. Microsoft suggests removing the affected Group Policy setting and suspending and resuming BitLocker as a temporary solution.

AppWizard

April 29, 2026

Denuvo has been cracked in all single-player games it previously protected — 2K Games and Denuvo reportedly retaliate with mandatory 14-day online checks

The skull-and-bones community has declared that there are no games utilizing Denuvo that remain uncracked or bypassed. The MKDev collective and DenuvOwO developed a hypervisor-based bypass (HVB) in late 2025, which intercepts Denuvo's verification checks. The cracker voices38 successfully removed Denuvo from several titles, including Resident Evil: Requiem. Denuvo has since implemented a 14-day mandatory online check for certain games, complicating the HVB method. The latest version of HVB requires users to disable Core Isolation and Driver Signature Enforcement to run games. The community includes notable figures like repacker FitGirl, who has acknowledged the collaborative efforts of DenuvOwO and voices38.

Winsage

April 27, 2026

Windows 11 KB5083769: The April Update may require the recovery key on certain BitLocker-enabled systems

The April update KB5083769 for Windows 11 versions 24H2 and 25H2, released on April 14, 2026, has a known issue where certain devices may enter BitLocker recovery mode after installation. This problem affects a limited subset of devices with specific, non-recommended BitLocker Group Policy settings. The issue arises when BitLocker is activated, a specific TPM platform validation policy is set to include PCR7, PCR7 binding is not feasible, the Windows UEFI CA 2023 certificate is present, and the device is not using the 2023-signed Windows Boot Manager. Microsoft advises organizations to review their BitLocker Group Policy settings and verify PCR7 binding status before deploying the update to prevent devices from requesting recovery keys. If the recovery prompt appears, users will need to enter the BitLocker recovery key, but subsequent reboots should not trigger the recovery process again if the Group Policy remains unchanged.

Winsage

April 16, 2026

Windows 11’s April update is locking some users out of their PCs

Users have reported issues with Windows 11 update KB5083769, which has triggered BitLocker recovery key prompts, locking some users out of their PCs. Microsoft acknowledged that the problem mainly affects corporate devices with specific BitLocker Group Policy settings. The issue is limited to systems where BitLocker is enabled, certain Group Policy configurations are set, and the Secure Boot State PCR7 Binding is “Not Possible.” Affected users need to enter their BitLocker recovery key or contact IT support for assistance. Microsoft has also provided guidance for IT departments to perform a Known Issue Rollback to remove the problematic updates, though this may expose systems to vulnerabilities.

Winsage

April 16, 2026

Microsoft April Update Forces BitLocker Recovery on Servers

A recent Microsoft security update, April 2026 KB5082063, has caused issues for administrators of Windows Server 2025 and Windows 11 systems, with many devices entering BitLocker recovery mode after reboot, requiring a 48-digit recovery key. This issue primarily affects enterprise-managed systems with specific TPM Group Policy settings involving PCR7 validation. Similar problems have been reported with updates KB5083769 and KB5082052 on Windows 11. The issue arises from five conditions: BitLocker must be enabled on the OS drive, the Group Policy must include PCR7, the msinfo32.exe tool must show Secure Boot State PCR7 Binding as “Not Possible,” the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft suggests two workarounds: removing the TPM validation Group Policy before the update and re-enabling BitLocker, or applying a Known Issue Rollback (KIR) before installation. Skipping the April updates is not advisable due to the addressing of 167 vulnerabilities, including two zero-days. BitLocker recovery issues following updates have been recurring since 2022, with similar incidents reported in August 2022, August 2024, and May 2025, indicating ongoing challenges with Secure Boot certificates and TPM validation bindings in enterprise environments.

Winsage

April 16, 2026

Microsoft: April updates trigger BitLocker key prompts on some servers

Microsoft announced that certain Windows Server 2025 devices may experience a BitLocker recovery prompt after installing the April 2026 KB5082063 Windows security update. The recovery mode will be triggered under specific conditions: BitLocker must be enabled on the operating system drive, the Group Policy for TPM validation must be configured with PCR7, the Secure Boot State PCR7 Binding must indicate "Not Possible," the Windows UEFI CA 2023 certificate must be in the Secure Boot Signature Database, and the device must not be using the 2023-signed Windows Boot Manager. Microsoft stated that this issue is unlikely to affect personal devices, as the configurations are mainly found in enterprise-managed systems. They are working on a resolution and recommend administrators remove the Group Policy configuration before deploying the update. If removal is not possible, applying a Known Issue Rollback (KIR) is advised to prevent triggering the recovery prompt. Microsoft has previously addressed similar BitLocker recovery prompt issues in May 2025, August 2024, and August 2022.

Winsage

April 2, 2026

Windows Security App Gains Secure Boot Certificate Status Ahead of Major Certificate Refresh

The Secure Boot certificates used by the Unified Extensible Firmware Interface (UEFI) on Windows PCs will expire in late June 2026. Microsoft is rolling out updated certificates through Windows Update to ensure user protection. Starting in April 2026, users can check their device's status in the Windows Security app, which will feature a color-coded badge system: - Green Checkmark: New certificates are installed, no action needed. - Yellow Caution Badge: Update pending or blocked due to hardware/firmware issues (expected in May 2026). - Red Stop Icon: Alerts users that older certificates are expiring, potentially preventing essential boot-level security updates (may appear as early as June 2026). The status will also be indicated in the Windows Security system tray icon. Most users will have a seamless update process by keeping Windows Update enabled, with devices from 2025 and many from 2024 covered. Older machines will receive updates gradually, guided by major OEMs. Microsoft advises against ignoring yellow or red warnings, as devices without updated certificates may be vulnerable to security threats and incompatible with future Windows updates. A support resource is available at aka.ms/getsecureboot.