Microsoft has fixed a known Windows 11 issue that caused some systems to boot into BitLocker recovery after installing the April 2026 Windows security updates.
BitLocker is a Windows security feature that encrypts storage drives to help protect data from unauthorized access. In some cases, it can trigger recovery mode after hardware changes, TPM updates, or certain system configuration changes, requiring users to enter their BitLocker recovery key before they can access their device again.
Microsoft first acknowledged the issue on April 14, saying it affected Windows 10, Windows 11, and Windows Server devices using an “unrecommended” BitLocker Group Policy configuration. The company said some affected devices could ask users to enter their BitLocker recovery key after the first restart following the update.
Although the problem affected multiple Windows platforms, Microsoft said it was unlikely to impact most personal devices. The affected BitLocker settings are more commonly used on enterprise systems managed by IT administrators.
Microsoft has now addressed the issue with the KB5089549 cumulative update for Windows 11 25H2. However, Windows 10 and Windows Server users will have to wait longer, as Microsoft said a permanent fix for those platforms will arrive in a future update.
According to Microsoft, the issue could happen after boot files were updated on systems with certain Trusted Platform Module validation settings, including invalid PCR7 configurations. The problem was linked to the April 2026 security update KB5083769.
Until fixes are available for all affected platforms, Microsoft is advising Windows administrators to remove the “Configure TPM platform validation profile for native UEFI firmware configurations” Group Policy setting before deploying the April 2026 updates. Admins are also advised to make sure BitLocker bindings use the PCR7 profile.
This is not the first time Windows updates have caused BitLocker recovery problems. Similar issues were reported in August 2022, August 2024, and May 2025, when some Windows systems asked users for their BitLocker recovery key after installing security updates.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
The fix comes as Microsoft also released its May 2026 Patch Tuesday updates, addressing 120 vulnerabilities, including 17 critical security flaws.





