Security News > 2021 > February > Windows 10 Secure Boot update triggers BitLocker key recovery
Microsoft has acknowledged an issue affecting Windows 10 customers who have installed the KB4535680 security update that addresses a security feature bypass vulnerability in Secure Boot.
Windows versions affected by this vulnerability include multiple Windows 10 releases, Windows 8.1, Windows Server 2012 R2, and Windows Server 2012.
Installing the KB4535680 security update on systems running affected Windows versions might lead to the BitLocker recovery key being requested after rebooting, according to a known issue recently acknowledged by Microsoft.
"If BitLocker Group Policy Configure TPM platform validation profile for native UEFI firmware configurations is enabled and PCR7 is selected by policy, it may result in the BitLocker recovery key being required on some devices where PCR7 binding is not possible," Microsoft explains.
BitLocker is Microsoft's full volume encryption feature that ships with all Windows versions since Windows Vista and uses the XTS-AES encryption algorithm to encrypt computer hard drives or removable drives to prevent data theft or exposure.
Users experiencing BitLocker recovery issues can use the information provided by Microsoft here to locate their recovery key.
News URL
Related news
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)
- Windows 10 KB5045594 update fixes multi-function printer bugs (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Windows 10 KB5046613 update released with fixes for printer bugs (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)