[[{“value”:”
Microsoft has released an emergency out-of-band update (KB5061768) to address a critical issue causing Windows 10 systems to boot into BitLocker recovery screens following the installation of the May 2025 security updates.
The fix, released on May 19, comes after numerous reports from enterprise customers experiencing system lockouts and boot loops that required BitLocker recovery keys to regain access.
Windows 10 BitLocker Fix
The problem emerged after the installation of Windows 10 KB5058379 security update from May 13, 2025, which caused the Local Security Authority Subsystem Service (LSASS) to terminate unexpectedly on affected systems.
This termination triggered Automatic Repair processes that required BitLocker recovery keys, with some systems entering persistent boot loops even after key entry.
“On affected devices, upon installing the update, Windows might fail to start enough times to trigger an Automatic Repair,” Microsoft explained in its release health update.
“On devices with BitLocker enabled, BitLocker requires the input of your BitLocker recovery key to initiate an Automatic Repair”.
The issue affects systems running Windows 10 version 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 IoT Enterprise LTSC 2021 with Intel vPro processors (10th generation or later) that have Intel Trusted Execution Technology (TXT) enabled.
Most consumer devices running Home and Pro editions of Windows 10 remain unaffected as they typically don’t use Intel vPro processors.
Systems experiencing the problem displayed Event ID 20 in Windows Event Viewer with error code 0x800F0845, alongside Event ID 1074 reporting unexpected termination of lsass.exe with status code -1073740791.
The emergency update KB5061768 (OS Builds 19044.5856 and 19045.5856) is available exclusively through the Microsoft Update Catalog and is designed as a cumulative update, meaning users don’t need to install previous updates before deploying this fix.
Microsoft recommends that affected organizations download and install the update immediately to resolve the issue.
For systems unable to boot due to the BitLocker prompt, Microsoft suggests temporarily disabling Intel VT for Direct I/O (VTD/VTX) and Intel Trusted Execution Technology (TXT) in BIOS/UEFI settings.
After disabling these features, systems should boot successfully, allowing administrators to install the KB5061768 update.
Following installation and restart, the Intel security features can be re-enabled, though this will require entering the BitLocker recovery key once more.
“Microsoft Support doesn’t have the ability to retrieve, provide, or recreate a lost BitLocker recovery key,” the company emphasized, underscoring the importance of organizations maintaining secure backups of their BitLocker recovery keys.
This emergency release comes as Microsoft continues preparation for Windows 10’s end of support on October 14, 2025.
After this date, Microsoft will no longer provide free software updates, technical assistance, or security fixes for Windows 10.
The KB5061768 update also includes the latest servicing stack update (SSU KB5058526) for builds 19044.5853 and 19045.5853, improving the reliability of the update process for future installations.
For organizations unsure if they’re affected by this issue, Microsoft notes that the problem primarily impacts enterprise environments utilizing specific Intel security features, and those not experiencing BitLocker recovery prompts do not need to install the emergency update.
Vulnerability Attack Simulation on How Hackers Rapidly Probe Websites for Entry Points – Free Webinar
The post Microsoft Releases Emergency Fix for BitLocker Recovery Issue appeared first on Cyber Security News.
“}]]
Read More Cyber Security News