Despite Microsoft’s announcement regarding the impending end of update support for Windows 10 in October 2025, the operating system continues to receive new patches. However, the latest cumulative update, KB5058379, released on May 13, has not been without its complications. Users have reported various issues, particularly those with devices from manufacturers such as Dell, Lenovo, and HP, although others have also encountered problems.
Responses from Microsoft employees on platforms like Reddit indicate that the company is aware of the situation. As of May 16, a fix for the bug has not yet been deployed, but Microsoft has provided users with a temporary workaround.
How do you get around the BitLocker bug and unlock your machine?
For those affected by the BitLocker bug, Microsoft Support has outlined a series of steps to regain access to their devices:
- Disable Secure Boot
- Access the system’s BIOS/Firmware settings.
- Locate the Secure Boot option and set it to Disabled.
- Save the changes and reboot the device.
- Disable Virtualization Technologies (if issue persists)
- Re-enter BIOS/Firmware settings.
- Disable all virtualization options, including:
- Intel VT-d (VTD)
- Intel VT-x (VTX)
- Note: This action may prompt for the BitLocker recovery key, so ensure the key is available.
- Check Microsoft Defender System Guard Firmware Protection Status
- You can verify this in one of two ways:
- Registry Method
- Open Registry Editor (regedit).
- Navigate to: HKEYLOCALMACHINESYSTEMCurrentControlSetControlDeviceGuardScenariosSystemGuard
- Check the Enabled DWORD value:
- 1 → Firmware protection is enabled
- 0 or missing → Firmware protection is disabled or not configured
- GUI Method (if available)
- Open Windows Security > Device Security, and look under Core Isolation or Firmware Protection.
- Registry Method
- You can verify this in one of two ways:
- Disable Firmware Protection via Group Policy (if restricted by policy)
- If firmware protection settings are hidden due to Group Policy, follow these steps:
- Using Group Policy Editor
- Open gpedit.msc.
- Navigate to: Computer Configuration > Administrative Templates > System > Device Guard > Turn On Virtualization Based Security
- Under Secure Launch Configuration, set the option to Disabled.
- Or via Registry Editor
- [HKEYLOCALMACHINESYSTEMCurrentControlSetControlDeviceGuardScenariosSystemGuard]
- “Enabled”=dword:00000000
- Using Group Policy Editor
- If firmware protection settings are hidden due to Group Policy, follow these steps:
Important: A system restart is required for these changes to take effect. It is crucial to note that these workarounds should only be implemented until Microsoft releases a patched update. Disabling TXT in the BIOS may compromise the security of your system, so it should only be used if absolutely necessary to access an affected machine. Otherwise, the safest course of action is to wait for Microsoft to resolve the issue and to download any recommended updates from Windows Update in the coming days.
The question remains whether this coding mishap is linked to Microsoft’s recent initiative to utilize AI in coding approximately 30% of Windows repositories. Only time will tell.
