Microsoft has addressed a identified factor inflicting some Home windows 11 programs as well into BitLocker restoration after putting in the April 2026 Home windows safety updates.
BitLocker is a Home windows safety function that encrypts garage drives to offer protection to in opposition to knowledge robbery. It additionally incessantly turns on restoration mode after {hardware} adjustments or TPM (Depended on Platform Module) updates, blockading get entry to to safe drives that have not been unlocked typically.
Microsoft stated the problem on April 14, pronouncing it impacts Home windows 10, Home windows 11, and Home windows Server units with an “unrecommended” BitLocker Staff Coverage configuration, and that it’s going to urged customers to go into their BitLocker restoration key.
“Some units with an unrecommended BitLocker Staff Coverage configuration could be required to go into their BitLocker restoration key at the first restart after putting in this replace,” Microsoft mentioned.
Whilst this factor additionally impacts programs working Home windows shopper platforms corresponding to Home windows 10 and Home windows 11, Microsoft mentioned it is not going to impact non-public units, since affected configurations are normally discovered simplest on endeavor programs controlled by means of IT groups.
Fastened simplest on Home windows 11 25H2 programs
On Tuesday, Microsoft introduced that it addressed the problem with the KB5089549 cumulative replace for Home windows 11 25H2, however Home windows 10 and Home windows Server consumers will wish to watch for a repair, as an everlasting answer is deliberate for a long run replace.
“This replace addresses a subject matter the place some units may input BitLocker Restoration after updating boot information on programs with sure Depended on Platform Module (TPM) validation settings, together with invalid PCR7 (Platform Configuration Check in 7) configurations. This may happen after putting in the April 2026 safety replace (KB5083769),” it mentioned.
Till a repair is to be had for all affected platforms, Home windows admins are prompt to take away the “Configure TPM platform validation profile for local UEFI firmware configurations” Staff Coverage configuration sooner than deploying the April 2026 updates, and to make sure that BitLocker bindings use the PCR7 profile by means of following those steps.
In August 2022, Home windows units additionally changed into caught at a BitLocker restoration urged after putting in the KB5012170 safety replace.
Two years later, in August 2024, Microsoft mounted any other identified factor that brought on BitLocker restoration activates after putting in the July 2024 Home windows safety updates.
Extra just lately, in Would possibly 2025, Microsoft issued out-of-band emergency updates to deal with a equivalent factor that brought about Home windows 10 PCs to request the BitLocker restoration key after putting in the Would possibly 2025 safety updates.
This week, it additionally launched the Would possibly 2026 Patch Tuesday safety updates, overlaying 120 vulnerabilities, together with 17 “vital” flaws.
AI chained 4 zero-days into one exploit that bypassed each renderer and OS sandboxes. A wave of latest exploits is coming.
On the Self reliant Validation Summit (Would possibly 12 & 14), see how self reliant, context-rich validation unearths what is exploitable, proves controls cling, and closes the remediation loop.
Declare Your Spot
