Latest Windows 10 Update Triggers BitLocker Recovery Chaos — Here’s the Fix
Microsoft releases urgent update to fix BitLocker lockouts on Windows 10 systems.
Key Takeaways:
- Microsoft releases emergency update KB5061768 to fix BitLocker and crash issues in Windows 10.
- The bug is linked to May 2025 updates and affects specific Intel-powered systems.
- Temporary BIOS/UEFI changes may be needed if the patch can’t be installed right away.
Microsoft has issued an out-of-band update (KB5061768) for Windows 10 to fix critical BitLocker recovery issues and blue screen crashes triggered by the May 2025 Patch Tuesday updates. This bug specifically impacts systems running Windows 10 22H2 and Windows 10 Enterprise LTSC 2021.
BitLocker is a built-in Windows security feature that encrypts the entire drive to protect user data from unauthorized access. It uses advanced encryption algorithms and can work with a Trusted Platform Module (TPM) chip to securely store encryption keys. Once enabled, BitLocker runs in the background and ensures that only authorized users can access the system, which adds an extra layer of protection without significantly affecting performance.
What caused the BitLocker and blue screen issues in Windows 10?
Microsoft previously stated that the issue stems from the Windows 10 KB5058379 patch released on May 13. Some users reported that their devices failed to start, incorrectly prompting for the BitLocker recovery key. Even if the system manages to boot, it may crash with a blue screen error. This problem only affects Windows 10 devices with Intel Trusted Execution Technology (TXT) enabled on 10th-generation or newer Intel vPro processors.
“A known issue on devices with Intel Trusted Execution Technology (TXT) enabled on 10th-generation or later Intel vPro processors. On these systems, installing the May 13, 2025, Windows security update (KB5058379) might cause the Local Security Authority Subsystem Service (LSASS) process to terminate unexpectedly, triggering an Automatic Repair prompting for the BitLocker recovery key to continue,” Microsoft explained.
What to do if your PC won’t boot normally?
Microsoft advises users to install the KB5061768 update through the Microsoft Update Catalog to fix BitLocker recovery issues on affected Windows 10 devices. For those unable to apply the patch immediately, a temporary workaround involves disabling Intel VT for Direct I/O (VTD or VTX) and Intel Trusted Execution Technology (TXT) in the BIOS/UEFI settings.
Once these settings are disabled, Windows 10 should boot normally, prompting users to enter their BitLocker recovery key. After logging in and installing the update, users can return to the BIOS/UEFI and re-enable the previously disabled options.
Microsoft plans to end support for Windows 10 in October this year. Last week, Microsoft announced that it will provide security updates for Microsoft 365 apps on Windows 10 PCs until October 2028. This would be good news for Windows 10 users who aren’t ready yet to upgrade to Windows 11.
Rabia has a master's degree in Software Engineering and she has years of experience writing professionally about Microsoft products and other technologies. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on t...
