Microsoft has confirmed that the upcoming Windows 11 KB5083769 cumulative update may cause unexpected BitLocker recovery prompts on some PCs. The issue is primarily affecting systems in managed IT departments, rather than typical enthusiast builds.
An updated support document from Microsoft details that some users are encountering a prompt requiring BitLocker recovery after applying this specific update. This issue requires a combination of specific technical configurations to occur.
For the BitLocker recovery environment to trigger, several conditions must be met. First, BitLocker must be active on the PC. Second, the BitLocker Group Policy setting, “Configure TPM platform validation profile for native UEFI firmware configurations,” must be configured to include PCR7 (a TPM 2.0 module register) in the validation profile.
Additionally, running system information (msinfo32.exe) must show that the Secure Boot State PC47 Binding is “Not Possible.” Furthermore, the Windows UEFI CA 2023 certificate needs to be present in the device’s Secure Boot Signature Database (DB), and the device must be eligible for the Windows Boot Manager signed in 2023 to become the default. Finally, the device must not currently be running this specific 2023-signed Windows Boot Manager.
Fulfilling this unusual combination of criteria is what leads to the BitLocker Recovery environment triggering, resulting in a password prompt. Following this initial startup, subsequent startups will not trigger the recovery prompt again.
Microsoft offers two workarounds for organizations facing this issue. The preferred solution is to remove the problematic group policy configuration before rolling out the update across the company network. Alternatively, customers who cannot remove the PCR7 group policy setting can utilize a Known Issue Rollback (KIR).
Microsoft has indicated that a fix for this issue is planned and scheduled for a future Windows 11 update. However, due to the fact that the problem only affects a specific subset of PCs, Microsoft assessed its overall severity as much smaller compared to previous worldwide issues.