Security News > 2021 > February > Windows 10 Secure Boot update triggers BitLocker key recovery
Microsoft has acknowledged an issue affecting Windows 10 customers who have installed the KB4535680 security update that addresses a security feature bypass vulnerability in Secure Boot.
Windows versions affected by this vulnerability include multiple Windows 10 releases, Windows 8.1, Windows Server 2012 R2, and Windows Server 2012.
Installing the KB4535680 security update on systems running affected Windows versions might lead to the BitLocker recovery key being requested after rebooting, according to a known issue recently acknowledged by Microsoft.
"If BitLocker Group Policy Configure TPM platform validation profile for native UEFI firmware configurations is enabled and PCR7 is selected by policy, it may result in the BitLocker recovery key being required on some devices where PCR7 binding is not possible," Microsoft explains.
BitLocker is Microsoft's full volume encryption feature that ships with all Windows versions since Windows Vista and uses the XTS-AES encryption algorithm to encrypt computer hard drives or removable drives to prevent data theft or exposure.
Users experiencing BitLocker recovery issues can use the information provided by Microsoft here to locate their recovery key.
News URL
Related news
- Windows 10 KB5041580 update released with 14 fixes, security updates (source)
- August Windows updates break dual boot on some Linux systems (source)
- August Windows security update breaks dual boot on Linux systems (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- New Windows 10 22H2 beta fixes memory leaks and crashes (source)
- Windows 10 KB5041582 update released with 5 changes and fixes (source)
- Windows 10 KB5043064 update released with 6 fixes, security updates (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Windows 10 KB5043131 update released with 9 changes and fixes (source)