Microsoft has officially confirmed the recent security update for Secure Boot DBX (KB5012170) causes computers to boot into BitLocker recovery, requiring users to enter the recovery keys.
Microsoft Notification: Heath Dashboard Information
- Client: Windows 11, version 21H2
- Server: None
1. Run the following command from Administrator command prompt:
Manage-bde -protectors -disable %systemdrive% -rebootcount 2
2. Install the update KB5012170, if not already installed
3. Restart the device.
4. Restart the device again.
5. BitLocker should automatically be enabled after two boots. If you want to manually resume BitLocker to verify that it is enabled, use the following command:
Manage-bde -protectors -Enable %systemdrive%
Still Need Help? Open a Ticket
Let one of our experienced engineer resolve the issue