Windows 10 users are currently navigating a challenge stemming from the recent KB5058379 update, which has been categorized as mandatory. This update has led to some PCs unexpectedly booting into Windows Recovery mode, necessitating the use of a BitLocker key. In certain instances, users have also encountered a Blue Screen of Death (BSOD). As reported by Windows Latest on May 15, this update is being rolled out universally, impacting both individual users and enterprises alike.
On May 17, Microsoft responded to the situation by updating its support documentation. The company acknowledged the issue primarily affects devices equipped with Intel Trusted Execution Technology (TXT) that utilize 10th generation or later Intel vPro processors. However, there is a silver lining for many users.
It Probably Won’t Affect You
According to Microsoft, consumer devices typically do not feature Intel vPro processors, making it less likely that the average user will be impacted by this particular issue. The problem is confined to specific platforms, including Windows 10 versions 22H2 and Windows 10 Enterprise LTSC 2021. Therefore, if your PC is powered by an Intel vPro chip, you might be tempted to delay the installation of the update. However, given its mandatory nature, postponing could lead to complications.
Fortunately, Microsoft is actively addressing the problem. The company has stated, “We are urgently working on a resolution for this issue, with plans to release an Out-of-band update to the Microsoft Update Catalog in the coming days.” The timing of the support document’s release on a Saturday underscores the urgency of the matter.
What To Do
For those affected, the first step is to locate your 48-digit BitLocker recovery key. Windows Latest has provided a straightforward guide to assist you through the necessary steps:
- Reboot your PC and enter the BIOS/UEFI settings. This can typically be done by pressing a specific key immediately after powering on, though the key varies by manufacturer. Common keys include F2, F10/F12, or Esc for brands like Dell, HP, and Lenovo.
- Once in the BIOS, navigate to the Security section. Look for Virtualization or Advanced CPU Settings and disable Intel TXT. This may also be labeled as Trusted Execution or OS Kernel DMA Support. You can keep VT for Direct I/O (VT-d) enabled.
- After making these changes, save your settings and exit the BIOS.
The objective is to disable Intel TXT/Trusted Execution to allow the KB5058379 installation to complete successfully. If executed correctly, users should avoid encountering BitLocker Recovery prompts or BSODs. It’s important to note that while the installation of KB5058379 may trigger these issues, they should not persist once the update is fully installed. However, the challenge lies in completing the installation without first disabling Intel TXT/Trusted Execution in the BIOS.
Interestingly, Windows 11 does not appear to be affected by this issue, providing a sense of relief for users who have upgraded to the latest operating system.
