Microsoft acknowledges massive BitLocker recovery issue in July 2024 Windows Update

Microsoft has confirmed a significant problem with the July 2024 Windows security update (KB5040442) that is causing widespread disruption for users. The update, released on July 9, 2024, is triggering unexpected BitLocker recovery issue prompts on affected devices, particularly those with Device Encryption enabled.

Impact and scope

The issue is affecting a wide range of Windows versions, including:

• Windows 11, versions 23H2 and 22H2.
• Windows 10, versions 22H2 and 21H2.
• Windows 10 Enterprise LTSC 2019.
• Various Windows Server versions (2022, 2016, 2012 R2, 2012, 2008 R2 SP1, 2008 SP2).

Users report that after installing KB5040442 and restarting their machines, they are unexpectedly confronted with a BitLocker recovery screen, requiring the input of a recovery key to access their systems.

Cause and Microsoft’s response

While the exact cause remains under investigation, Microsoft has acknowledged the issue and is actively working on a resolution. The problem appears to be related to changes made to address a previous BitLocker vulnerability (CVE-2024-20666) patched earlier in the year.

Microsoft has not yet provided an official workaround or fix, leaving many IT administrators and users scrambling to retrieve BitLocker recovery keys to regain access to affected devices.

User workarounds

The issue is particularly problematic for enterprise environments, where IT staff are required to manually retrieve BitLocker recovery keys from Active Directory or other management systems. This process is time-consuming and disruptive to normal business operations.

For individual users, Microsoft recommends retrieving the recovery key by logging into the BitLocker recovery screen portal with their Microsoft account. However, this solution may not be feasible for all users, especially those in managed environments.

Some users have reported success with the following workaround:

1. Boot into Safe Mode or Windows Recovery Environment (WinRE).
2. Navigate to C:\Windows\System32\drivers\CrowdStrike.
3. Delete the file matching “C-00000291*.sys.”
4. Restart the device.

It’s important to note that this workaround may not be suitable for all systems and should be approached with caution.

Ongoing developments

As Microsoft continues to investigate the root cause and develop a permanent fix, users and IT administrators are advised to:

1. Be prepared with BitLocker recovery keys before applying the update.
2. Consider deferring the update on critical systems until a resolution is available.
3. Monitor official Microsoft channels for updates and potential fixes.

This incident underscores the importance of having robust backup and recovery processes in place, as well as the need for caution when applying security updates, even from trusted sources like Microsoft.

Related Posts

1. Microsoft announces depreciation of WSUS driver synchronization, April 18, 2025 deadline fast approaching
2. Microsoft Research announces CoExplorer and MAIRA-2, groundbreaking AI advancements in healthcare and productivity
3. Microsoft subsidiary Nuance Communications implicated in major data breach at Geisinger, revealing over 1 million affected patients’ personal information
4. Fake Google Chrome errors trick users into running malicious PowerShell scripts
5. Microsoft launches cybersecurity program to protect rural hospitals serving over 60 million Americans