Critical BitLocker Issues Arising from Windows 10 Update
Recent reports have highlighted a significant problem with BitLocker on Windows 10 devices, triggered by the May 2025 Patch Tuesday update. This update has thrown many systems into a relentless cycle of BitLocker recovery mode and rebooting, impacting user data security. The situation has escalated since the findings related to Windows 11 24H2, where unsuspecting users faced data loss due to default encryption settings.
Root Cause Identified: Intel’s Trusted Execution Technology
Microsoft’s preliminary investigation pinpointed the conflict to Intel’s Trusted Execution Technology (TXT).Although details of the conflict were initially vague, a workaround was identified: disabling the TXT feature within the BIOS settings of affected Intel-based computers. This simple solution can help users regain control without risking further complications from BitLocker.
Understanding Intel TXT and Its Implications
For those unfamiliar with it, Intel TXT is a security feature embedded in Intel processors and chipsets designed to safeguard systems against software attacks. It does this by isolating applications in a secure environment, using hardware security to protect sensitive data, and implementing features like Intel Platform Trusted Technology (PTT) and Secure Boot.
New Developments from Microsoft on the Issue
Following user feedback, Microsoft has updated its Windows Health Dashboard, providing further insights into the conflict. The company confirmed that the interaction between Intel TXT and the KB5058379 update for Windows 10 is disrupting the lsass.exe process, leading to the Automatic Repair feature being triggered in affected systems.
The Role of the LSASS Process
The Local Security Authority Server Service (LSASS) is crucial for validating user credentials for both local and remote logins. When conflicts occur with Intel TXT, it explains why many systems are entering a BitLocker recovery loop: the LSASS process cannot perform its duties effectively under the circumstances.
Impact on Users: Reboot Loops and Update Failures
When affected devices encounter issues, they respond in two potential ways. In a favorable scenario, the system will attempt to reinstall the KB5058379 update multiple times before successfully reverting to a previously stable state. Unfortunately, if this process fails, users may experience a continuous reboot cycle, which can be frustrating.
Additional Symptoms to Watch For
Microsoft has also noted several error messages that may appear during this time:
- Event ID 20: “Installation Failure: Windows failed to install the following update with error 0x800F0845: 2025-05 Cumulative Update for Windows 10 22H2 for x64-based Systems (KB5058379).”
- Event ID 1074: “The system process ‘C:\WINDOWS\system32\lsass.exe’ terminated unexpectedly with status code -1073740791.”
Looking Ahead: Microsoft’s Response
Microsoft is actively working on a solution to address this bug. An out-of-band update is expected to be released shortly, akin to the prior resolution for Windows 11 24H2. For ongoing updates and details, users can refer to the issue entry on the Windows Health Dashboard.
Related Articles:
Weekly Microsoft 365 Roadmap Update: Enhanced Compact Notifications in Teams, Copilot Enhancements & More
19:11
Enhance Windows 11 Performance with This Hidden Setting
18:05
Download Microsoft PC Manager 3.17.4.0 Offline Installer
14:29
Leave a Reply ▼