Windows Update Bug Triggers BitLocker Recovery Mode on Reboot

Updated April 21, 2026 at 10:01 AM (5 sources)

A bug in recent Windows security updates has caused some systems to unexpectedly boot into BitLocker recovery mode after installation and reboot. Microsoft confirmed that the issue primarily affects Intel devices with Connected Standby (Modern Standby) support, impacting platforms such as Windows 11 24H2, 25H2, and Windows 10 22H2. Users encountering this problem are required to enter their BitLocker recovery key to regain access, after which the system resumes normal operation without further prompts.

Microsoft has acknowledged the problem and advised IT administrators to use a group policy delivered via Known Issue Rollback (KIR) as a mitigation, with further support available through Microsoft Support for business customers. This incident follows similar BitLocker recovery issues triggered by Windows updates in May 2025, August 2024, and August 2022, highlighting a recurring challenge with update compatibility and BitLocker functionality on certain hardware configurations.

Timeline

  1. Apr 14, 2026

    Microsoft confirms April 2026 Windows 11 updates can trigger BitLocker recovery

    Microsoft added a known issue on April 14, 2026 stating that Windows 11 cumulative updates KB5083769 and KB5082052 may cause unexpected BitLocker recovery prompts at boot on systems with certain BitLocker Group Policy settings. The company did not withdraw the updates and advised administrators to review policies, verify recovery key access, and monitor Release Health for further guidance.

  2. Nov 5, 2025

    Microsoft acknowledges the BitLocker recovery issue and shares a workaround

    Microsoft confirmed that the October 2025 Windows updates could cause affected Windows devices to enter BitLocker recovery after restart. The company said users could recover by entering their BitLocker key and provided mitigation guidance while the issue was investigated.

  3. Oct 1, 2025

    October 2025 Windows security updates trigger BitLocker recovery on some PCs

    After installing Microsoft's October 2025 Windows security updates and rebooting, some users were forced into BitLocker recovery mode. Reports indicate the issue primarily affected certain Intel-based systems, especially devices with Modern Standby support.
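The checks an administrator would run before rebooting a patched device, as an added example that is not Microsoft's or Mallory's own tooling: whether the KBs named in the April 14, 2026 entry are installed, whether the device exposes Modern Standby, which BitLocker policy values are set, and whether each protected volume has a recovery password protector. It assumes an elevated session, the built-in BitLocker PowerShell module, and English `powercfg` output; the variable names are illustrative.

```powershell
# Added example: read-only exposure check, run from an elevated prompt.
# KB IDs are the ones named in the April 14, 2026 timeline entry.
$kbIds = 'KB5083769', 'KB5082052'

# 1. Are the updates named in the known issue installed?
$installed = @(Get-HotFix -Id $kbIds -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty HotFixID)

# 2. Does the device expose Modern Standby (S0 Low Power Idle)?
#    Assumption: English powercfg output. Only the text before the
#    "not available" heading is searched, so an unsupported S0 state
#    listed further down does not count.
$sections = (powercfg /a | Out-String) -split 'not available', 2
$modernStandby = $sections[0] -match 'S0 Low Power Idle'

# 3. Which BitLocker Group Policy values are configured? They are listed
#    for manual review only; the page does not say which settings
#    are involved in the known issue.
$fvePath = 'HKLM:\SOFTWARE\Policies\Microsoft\FVE'
$policyValues = if (Test-Path $fvePath) {
    @((Get-Item $fvePath).Property)
} else { @() }

# 4. Per protected volume: is a recovery password protector present?
#    Only the protector ID is reported, never the 48-digit password.
$volumes = Get-BitLockerVolume |
    Where-Object ProtectionStatus -eq 'On' |
    ForEach-Object {
        $rp = @($_.KeyProtector |
            Where-Object KeyProtectorType -eq 'RecoveryPassword')
        [pscustomobject]@{
            MountPoint          = $_.MountPoint
            VolumeType          = $_.VolumeType
            HasRecoveryPassword = $rp.Count -gt 0
            RecoveryProtectorId = $rp.KeyProtectorId -join ', '
        }
    }

[pscustomobject]@{
    Computer        = $env:COMPUTERNAME
    InstalledKBs    = $installed -join ', '
    ModernStandby   = $modernStandby
    FvePolicyValues = $policyValues -join ', '
} | Format-List

$volumes | Format-Table -AutoSize
```

The protector ID is the value to match against the key escrowed in the directory or key-management system, so confirming that lookup works before the reboot is the "verify recovery key access" step.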

Related Stories

Microsoft Windows January Updates Trigger Shutdown/Reboot Bug on VSM-Enabled Systems

Microsoft confirmed a **known issue** introduced by January Windows updates that can prevent affected PCs from shutting down properly, sometimes causing an unexpected reboot when users attempt to shut down. The problem is tied to systems with **Virtual Secure Mode (VSM)** / **Virtualization-Based Security (VBS)** enabled, which uses hardware virtualization to create a protected “secure kernel” intended to isolate sensitive assets (e.g., credentials, cryptographic keys, and security tokens) and underpin features like **Credential Guard**, **Device Guard**, and **Hypervisor-Protected Code Integrity**. Microsoft reports the issue affects **Windows 10 22H2**, **Windows 10 Enterprise LTSC 2021**, and **Windows 10 Enterprise LTSC 2019** when VSM is enabled and the **KB5078131** or **KB5073724** updates are installed; it was previously observed on **Windows 11 23H2** systems with **KB5073455** and **System Guard Secure Launch** enabled. As a temporary workaround, Microsoft advises impacted users to shut down via command line using `shutdown /s /t 0` while a broader fix for VSM-enabled systems is developed (with out-of-band updates already issued for the Windows 11 variant).

1 month ago
Windows Update KB5066835 Disrupts USB Input Devices in Windows Recovery Environment

Microsoft released the KB5066835 security update for Windows in October 2025, which introduced a critical issue affecting the Windows Recovery Environment (WinRE). After installing this update, users reported that USB-connected keyboards and mice stopped functioning within WinRE, rendering the recovery environment largely unusable for troubleshooting or repairing systems. The main Windows operating system remained unaffected, with USB input devices continuing to work as expected outside of recovery mode. This issue impacted both client versions, including Windows 11 24H2 and 25H2, as well as Windows Server 2025 platforms. Microsoft acknowledged the problem on its Windows release health dashboard, confirming that the bug was directly linked to the KB5066835 update. The inability to use USB input devices in WinRE prevented users from navigating recovery options, which could be particularly problematic for those needing to restore or repair their systems after critical failures. As a temporary workaround, Microsoft suggested using Bluetooth wireless input devices or legacy PS/2 connectors, which were not affected by the update. The company assured users that a fix was being developed and would be released in the coming days to address the issue. This incident followed previous problems with WinRE updates, such as the 0x80070643 installation errors that were resolved earlier in the year. The rapid response from Microsoft included an emergency patch to mitigate the disruption caused by the faulty update. Security news outlets highlighted the urgency of the situation, emphasizing the importance of WinRE for system recovery and the widespread impact of the bug. The incident underscored the risks associated with critical system updates and the need for thorough testing, especially for components essential to system recovery. 
Administrators and end-users were advised to monitor Microsoft's official channels for updates and to consider alternative input methods if immediate access to WinRE was required. The event demonstrated the cascading effects a single update can have on system usability, particularly in scenarios where recovery tools are vital. Microsoft's communication and swift action were crucial in managing the fallout and restoring confidence among its user base. The situation also served as a reminder for organizations to have contingency plans for recovery operations in the event of unexpected software issues.

1 month ago
Windows 11 January Security Updates Trigger UNMOUNTABLE_BOOT_VOLUME Boot Failures

Microsoft is investigating and has acknowledged a limited issue where some **Windows 11** devices fail to boot after installing the **January 2026 Patch Tuesday security updates**, presenting a BSOD/black crash screen with stop code **`UNMOUNTABLE_BOOT_VOLUME`**. Impacted systems can become stuck in a restart loop and are unable to start Windows without **manual recovery efforts**, with Microsoft collecting reports from users and enterprise administrators to determine scope and root cause. Reporting indicates the problem affects **physical devices** (with no virtual machines reported as impacted so far) and is tied to specific Windows 11 builds and cumulative updates, including **Windows 11 25H2** and **Windows 11 24H2** after installing **`KB5074109`**. Microsoft has not yet confirmed the underlying cause or provided a universal remediation beyond recovery steps, and is requesting affected customers submit diagnostics via the **Feedback Hub** while it determines whether the behavior is a regression introduced by the update.

1 month ago