Monday, July 29th 2024

Windows 11 July Update Breaks Bitlocker, Forces Recovery

by
btarunr
 Discuss (74 Comments)
The Windows 11 "patch Tuesday" update for July 2024 breaks Bitlocker drive encryption, Microsoft notes in its issue discovery. The company releases monthly major update packages for Windows, timing them on every second Tuesday of the month. The July 2024 update carries the knowledge-base identifier KB5040442, and applies to Windows 11 22H2 and 23H2. Bitlocker is a first-party disk encryption feature by Microsoft that's included with Windows 10 Pro, Windows 11 Pro, and Windows 11 Enterprise editions. You are prompted a disk decryption password at every system startup, the disk remains encrypted until either password is input, or a Bitlocker Recovery process is followed.

The KB5040442 causes Bitlocker to forget its own password, forcing you to clear the Bitlocker Recovery process. When you encrypt a volume with Bitlocker, you are given a recovery key that you're supposed to safekeep. Those with online Microsoft accounts have the option to get Microsoft to store their recovery keys, so they could log into their Microsoft account on another device (like a phone), and access the stored recovery key, which they then manually input on the borked machine to create a new Bitlocker password. Microsoft acknowledges that Bitlocker recovery is only a workaround, KB5040442 will cause machines to forget their Bitlocker passwords, and force a recovery. The company is working on an update that fixes this, so if you have an always-on machine with Bitlocker that just got patched to KB5040442, you might want to keep the recovery key handy.
Source: Microsoft

Related News

Add your own comment

74 Comments on Windows 11 July Update Breaks Bitlocker, Forces Recovery

#26
dicobalt
I use Bitlocker on 3 systems and had no trouble, but I am also using a startup PIN as well.
Posted on Reply
#27
R0H1T
I'm about about freeware or similar alternatives. With full SSD or HDD (hardware) encryption, you probably don't want/need them anymore.
Posted on Reply
#28
Jism
Bothers me that they are pushing updates that can brick certain computers, configurations and such.

In the past they used to have a team that would manage 50 different computers and push for those updates on there.

Now the end users are the beta testers it seems, with financial, software or personal data loss as a risk.

Since you agreed to their TOS there's nothing you can do about it.

People need to either use atlasos.net/ (W10 based) or convert to Linux in it's total.

The more the better. This circus of BSODS cant happen. OS is to my disposal - not the other way around.
Posted on Reply
#30
DudeBeFishing
I'm curious if Atlas OS fixes the degraded CPU performance with DX9 games on Windows 10, compared to Windows 7 and Linux with DXVK. A W3680 4.25GHz on Linux and Windows 7, shouldn't be beating an AMD 5700X3D on Windows 10.

I have updates forced off. Idk if they will work if I turn them back on.
Posted on Reply
#31
Wirko
This event will be remembered as a welcome fire drill, which should be repeated every year. Everyone should have their keys backed up on paper. And/or on a PC with Windows XP. Nah, even XP may still receive some ultra-critical update. 2000 is more secure. 3.11 still continues to prove its value, too.
Posted on Reply
#32
chrcoluk
The Terrible PuddleAnd this is why my system postpones updates by at least 4 days haha
This ^, there is a built in defer updates feature in windows update, its configurable in the group policy editor, mine is set to 10 days.
Posted on Reply
#33
Chaitanya
WirkoIs it a shingled HDD by any chance? Those, at least some of them, can use the TRIM commands to better bury data under shingles. Anyway, it's an interesting issue - does Windows send TRIM to just any HDD or does it try to determine if it's necessary, and do 10 and 11 differ in that behaviour?
Drives I am using are not shingled HDDs, and last event in event viewers(after rebooting from a freeze) shows this warning message:
The storage optimizer couldn't complete retrim on Photos (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
It seems like a known issue with windows defrag and have seen many complaints regarding this behaviour with none of recomended solutions working.
Posted on Reply
#34
Chrispy_
I'm just amazed it's taken this long for a major drive-encryption screwup like this to actually happen, though I think the quality of Windows updates in the last 12-18 months has been on a noticeable and somewhat worrying decline. The number of broken things on Wednesday morning after 'patch Tuesday' is pretty alarming and the rollout of Teams 2.0 or "new" Teams has been an unmitigated clusterfuck of version conflicts, conflicting advice and documentation from Microsoft, and a total cluelessness and cavalier attitude to rolling out untested shit to stable production channels makes me realise they have no idea how their enterprise customers actually do things, let alone providing any working, tested, reliable best practice guide that works in the real world.

Even SCCM customers were bitten by the "new" Teams, and it's fair to say that Teams is a mandatory staple of all Microsoft 365 customers at this point.

I'm also thankful I don't work in an industry where drive-encryption is mandatory. All of my exposure to Bitlocker has left a sour taste in my mouth and I avoid it wherever and whenever possible.
Posted on Reply
#35
Vya Domus
64KA company with a 2023 revenue of 212 billion dollars and net income of 72 billion dollars can't be bothered to spend some money on QA before rolling out updates that bork their customers.
Microsoft, like a lot of these other software mega corporations, is outsourcing a lot of the QA and development to cheap labor all over the world and the results speak for themselves.

Whatever software product you're using, whether it's something inside your PC, car, fridge, etc, you'd be amazed to find out just how little of it is developed or tested internally.
Posted on Reply
#36
Chrispy_
Vya Domusyou'd be amazed to find out just how little of it is developed or tested internally.
I don't think you need the word "tested" in that sentence at all.
Posted on Reply
#37
natr0n
Only lock you need is for doors.
Posted on Reply
#38
dtoxic
Cant wait when some real adults start developing Windows again...hopefully soon,as it stands now it's just a mess "since as a service" OS started.
Posted on Reply
#39
Count von Schwalbe
Chrispy_... Teams is a mandatory staple of all Microsoft 365 customers at this point.
Posted on Reply
#40
HTC
wNotyarDMicrosoft just can't give anyone a break, can they?
They did: they gave a broken bitlocker ...
Posted on Reply
#41
Darmok N Jalad
Easy RhinoHow much you want to bet that the engineers and devs are using AI tools to push through this crap code?
No doubt they are using AI, as MS is running at break-neck speed toward the AI dumpster fire without even a garden hose.
64KMS is an astonishing example of corporate indifference to their customers. A company with a 2023 revenue of 212 billion dollars and net income of 72 billion dollars can't be bothered to spend some money on QA before rolling out updates that bork their customers. I honestly don't understand why people apologize for them but I suspect some will just call me and others that point out the MS indifference as Microsoft haters. In my case the shoe fits mostly for many more reasons than just their OS incompetence.
Windows 10 brought these changes. Never-ending updates, with telemetry and real users as beta testers to their feedback mechanism. Remember the good ol days when you only beta tested the pre-release versions of Windows?
Vya DomusMicrosoft, like a lot of these other software mega corporations, is outsourcing a lot of the QA and development to cheap labor all over the world and the results speak for themselves.

Whatever software product you're using, whether it's something inside your PC, car, fridge, etc, you'd be amazed to find out just how little of it is developed or tested internally.
They outsourced it to us. The sad thing is, they dumped heaps of legacy hardware with W11, yet W11 feels like the most flakey OS from MS to date.
Posted on Reply
#42
tommo1982
Darmok N JaladThey outsourced it to us. The sad thing is, they dumped heaps of legacy hardware with W11, yet W11 feels like the most flakey OS from MS to date.
It's worse than Win Me?
Posted on Reply
#43
Wirko
Darmok N JaladThey outsourced it to us.
Ahem. Those three are not mutually exclusive:
1. You are the paying customer
2. You are the product
3. You are the tester.
Posted on Reply
#44
Darmok N Jalad
tommo1982It's worse than Win Me?
In some ways, yes. Granted, I was one of the few that didn’t seem to have trouble with Me. I’ve seen a fair number of UI glitches in W11. More than in any other OS, and this is on a corporate machine, so it’s not like it’s because of bargain hardware. A few other examples of things I’ve seen: a line of code appearing at the top of my display right before the machine falls asleep; minimize, maximize, close buttons have rectangles instead of the usual symbols; when waking my PC, being able to see the unlocked contents of my desktop before being greeted with the password prompt. There’s just something about the UI that feels like it’s on a delay.
Posted on Reply
#45
windwhirl
Darmok N JaladJust last week, a coworker and I were watching the open programs in my taskbar shift a little to the right, then maybe 30 seconds later, they'd shift back to the left. Even if I just sat there doing nothing at all, this happened all day long. What was it doing? I have no idea.
What the hell... is your machine haunted? lmao
Posted on Reply
#46
HD64G
And they still try to push us into installing that crap in our PCs? They cannot make a stable OS that comes from a stable former one even 3 years down the road? Incompetency is double-named in 2024...
Posted on Reply
#47
Zareek
tommo1982It's worse than Win Me?
I'm not sure, Me was pretty awful. I'd say not as bad as Windows 8. Worse than Vista for sure. Vista was just a memory hog.
Posted on Reply
#48
b1k3rdude
Or just not be using in the first instance and use local encryption on the sh*t that matters...
Posted on Reply
#49
Darmok N Jalad
ZareekI'm not sure, Me was pretty awful. I'd say not as bad as Windows 8. Worse than Vista for sure. Vista was just a memory hog.
Me had issues because they took away Real Mode, which crashed some stuff for sure. Paved the way for Xp, which didn’t allow that either.
Vista was maligned by a new driver model which some vendors failed to properly support. I didn’t mind Vista, and really all the things Vista forced (many out of necessity) were mostly adopted by the time W7 came out.
Windows 8 was at least solid underneath. The UI was just atrocious. Start8+Win8 was a killer combo, IMO.
Posted on Reply
#50
Qwerty101
Delay installing non critical updates for a while after they roll out. Longer delay = better quality and stability.

Do not install launch versions of any os regardless if Linux, macOS, Windows etc. always wait for the .1 release if possible.

Determine how actually “critical” an update is to YOU not how it’s labeled by the vendor. Security circumstances differ wildly between different people and organisations.

This should be common knowledge at this point :)

Case in point: I updated Windows 10 on the control PC of a specialised measuring machine. It’s an OFFLINE machine so I had to connect it to the net specifically to update it because I’m “smart”

The update broke the software & thus the machine so I had to spend multiple days with service techs remote accessing it and whatnot. To restore the status quo.

Why did I update an offline machine ?!?! Lessons learned.
Posted on Reply
Add your own comment
Nov 25th, 2024 20:58 EST change timezone

Latest GPU Drivers

New Forum Posts

Popular Reviews

Controversial News Posts