Windows 10 Secure Boot update triggers BitLocker key recovery


Microsoft has acknowledged an issue affecting Windows 10 customers who have installed the KB4535680 security update that addresses a security feature bypass vulnerability in Secure Boot.


Secure Boot is a security feature that blocks untrusted operating system bootloaders on computers with Unified Extensible Firmware Interface (UEFI) firmware and a Trusted Platform Module (TPM) chip, preventing rootkits from loading during the OS startup process.


Windows versions affected by this vulnerability include multiple Windows 10 releases (from v1607 to v1909), Windows 8.1, Windows Server 2012 R2, and Windows Server 2012.


Security update triggers BitLocker recovery mode


However, installing the KB4535680 security update on systems running affected Windows versions might lead to the BitLocker recovery key being requested after rebooting, according to a known issue recently acknowledged by Microsoft.


"If BitLocker Group Policy Configure TPM platform validation profile for native UEFI firmware configurations is enabled and PCR7 is selected by policy, it may result in the BitLocker recovery key being required on some devices where PCR7 binding is not possible," Microsoft explains.


"To view the PCR7 binding status, run the Microsoft System Information (Msinfo32.exe) tool with administrative permissions."
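The following PowerShell script is an added example, not part of the article or of any Microsoft tooling, that pre-checks the condition Microsoft describes before the update is installed: whether the TPM protector on the system drive is sealed to PCR7, whether a recovery password exists, and whether KB4535680 is already present. It assumes an elevated session on Windows 10 with the BitLocker module, and the Win32_EncryptableVolume method name and its output property name are assumptions to verify against Microsoft's WMI documentation; Msinfo32.exe remains the authoritative check for "binding not possible".

```powershell
# Added example: pre-patch check for the KB4535680 / PCR7 recovery-key condition.
# Assumes an elevated PowerShell session with the BitLocker module available.
function Test-BitLockerPcr7Risk {
    param([string]$MountPoint = 'C:')

    $vol  = Get-BitLockerVolume -MountPoint $MountPoint
    $tpmP = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -like 'Tpm*' }
    $rec  = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }

    # Ask WMI which PCRs each TPM protector is sealed to.
    # Assumption: method GetKeyProtectorPlatformValidationProfile returns the
    # PCR index list in an output property named PlatformValidationProfile.
    $cim = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftVolumeEncryption' `
             -ClassName Win32_EncryptableVolume -Filter "DriveLetter='$MountPoint'"
    $pcrs = @()
    foreach ($p in $tpmP) {
        $r = Invoke-CimMethod -InputObject $cim `
               -MethodName GetKeyProtectorPlatformValidationProfile `
               -Arguments @{ VolumeKeyProtectorID = $p.KeyProtectorId }
        $pcrs += $r.PlatformValidationProfile
    }

    # Confirm-SecureBootUEFI throws on legacy BIOS machines; treat that as "off".
    try { $sb = Confirm-SecureBootUEFI } catch { $sb = $false }

    [pscustomobject]@{
        Volume            = $MountPoint
        ProtectionStatus  = $vol.ProtectionStatus
        SecureBootOn      = $sb
        Pcr7InProfile     = ($pcrs -contains 7)   # the policy condition Microsoft names
        RecoveryPasswords = @($rec).Count
        KB4535680Present  = [bool](Get-HotFix -Id KB4535680 -ErrorAction SilentlyContinue)
    }
}

$state = Test-BitLockerPcr7Risk
$state | Format-List

# If the drive is sealed to PCR7 and has no recovery password, add one now so a
# post-update recovery prompt cannot lock the machine out; escrow it afterwards.
if ($state.Pcr7InProfile -and $state.RecoveryPasswords -eq 0) {
    Add-BitLockerKeyProtector -MountPoint $state.Volume -RecoveryPasswordProtector | Out-Null
    Write-Warning "Recovery password added; back it up (AD DS, Azure AD or printout) before installing KB4535680."
}
```

Run it on each affected device before deploying the update; a result of Pcr7InProfile = True with the named Group Policy enabled is the population Microsoft says may be prompted for the recovery key.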


BitLocker is Microsoft's ..
