Windows 10 KB5058379 Update Triggers BitLocker Recovery Prompts and Boot Failures

On May 13, 2025, Microsoft released the KB5058379 security update for Windows 10, aiming to address several critical vulnerabilities, including seven zero-day exploits. However, shortly after its deployment, numerous users and IT administrators began reporting significant issues associated with this update. Affected systems are unexpectedly booting into Windows Recovery mode, prompting users to enter their BitLocker recovery keys—a scenario typically reserved for hardware or BIOS changes.

User Reports and System Impact

The problem predominantly affects Windows 10 versions 22H2 and 21H2, including Long-Term Servicing Channel (LTSC) and Enterprise editions. Devices from major manufacturers such as Dell, HP, and Lenovo are among those impacted. Corporate environments utilizing deployment tools like System Center Configuration Manager (SCCM) or Windows Server Update Services (WSUS) have reported that approximately 2-5% of their devices are experiencing these issues. For instance, one administrator noted that about 15 out of 600 devices in their organization were affected.

Users have described scenarios where, after installing the KB5058379 update, their systems display a message stating, “Enter the recovery key to get going again (Keyboard layout: US).” In some cases, this prompt is preceded by a Blue Screen of Death (BSOD) error. This behavior is unusual, as BitLocker recovery prompts are generally triggered by significant system changes, not routine security updates.

Microsoft’s Response

Despite the widespread reports, Microsoft has not officially acknowledged the issue in the KB5058379 documentation. However, according to user accounts, Microsoft Support has confirmed awareness of the problem. One support representative reportedly stated, “We are currently experiencing a known issue with the May Month Patch KB5058379, titled ‘BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379’ on Windows 10 machines.”

Potential Workaround

IT professionals and advanced users have identified a workaround that appears to mitigate the issue:

1. Reboot the system and enter the BIOS/UEFI settings by pressing the appropriate key during startup (commonly F2, F10, F12, or Esc, depending on the device).

2. Navigate to the Security settings or Advanced CPU Settings.

3. Disable Intel TXT, which may also be labeled as Trusted Execution or OS Kernel DMA Support.

4. Ensure that VT for Direct I/O (VT-d) remains enabled.

5. Save the changes and exit the BIOS/UEFI settings.

Implementing these changes should allow the system to complete the update installation without triggering BitLocker recovery prompts or BSOD errors.

Context and Precedents

This incident is not isolated. Previous Windows 10 updates have caused similar issues. For example, in December 2020, the KB4592438 update led to boot failures when users ran the Check Disk Utility (chkdsk), resulting in Blue Screen of Death errors. Microsoft acknowledged the issue and released a fix within 24 hours. ([windowslatest.com](https://www.windowslatest.com/2020/12/21/microsoft-confirms-windows-10-update-is-breaking-some-devices/?utm_source=openai))

In another instance, the KB4598242 update released in January 2021 caused boot loop issues for some users, dropping them into the recovery environment unexpectedly. Users reported that the automatic repair failed, and the ‘update rollback’ option in the recovery environment produced errors. Some managed to resolve the issue by manually rolling back the updates using the Deployment Image Servicing and Management (DISM) tool in the command prompt. ([techradar.com](https://www.techradar.com/news/windows-10-update-is-reportedly-causing-serious-problems-that-prevent-pcs-from-starting?utm_source=openai))

Additionally, in July 2024, a Windows security update led to systems booting into the BitLocker recovery screen. Microsoft acknowledged the issue and suggested that affected customers retrieve their recovery keys by logging into the BitLocker recovery portal with their Microsoft account. ([howtogeek.com](https://www.howtogeek.com/windows-security-update-bitlocker-recovery-bug/?utm_source=openai))

Implications for Users and Organizations

The recurring nature of such issues underscores the challenges associated with deploying security updates in complex computing environments. For individual users, encountering a BitLocker recovery prompt without prior changes to hardware or BIOS settings can be alarming and disruptive. For organizations, especially those managing large fleets of devices, such unexpected behaviors can lead to significant operational disruptions, increased support workloads, and potential data access issues.

Recommendations

Given the current situation, users and IT administrators are advised to:

– Back Up Data Regularly: Ensure that all important data is backed up before applying new updates.

– Retrieve and Store BitLocker Recovery Keys: Before installing updates, verify that BitLocker recovery keys are accessible and stored securely.

– Monitor Official Channels: Stay informed by monitoring official Microsoft communications for updates and potential fixes related to KB5058379.

– Test Updates in Controlled Environments: Organizations should consider deploying updates in a controlled test environment before a full-scale rollout to identify potential issues.
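
A pre-update check for the recovery-key recommendation above, written as an added PowerShell example (it is not from Microsoft or from the reports cited in this article). It lists every BitLocker volume, records whether a recovery-password protector exists and whether KB5058379 is already installed, and can escrow the key to Active Directory; the `-EscrowToAD` switch and the report field names are illustrative choices, and AD DS key backup is assumed to be permitted by policy.

```powershell
#Requires -RunAsAdministrator
# Added example: BitLocker recovery-key readiness check to run before patching.
# The KB number is the one discussed in the article; parameter and field names are illustrative.
param(
    [string]$KbId = 'KB5058379',
    [switch]$EscrowToAD   # assumption: domain-joined device, AD DS backup of recovery keys allowed
)

# Get-HotFix writes an error when the update is absent, so suppress it and test for a result.
$patched = [bool](Get-HotFix -Id $KbId -ErrorAction SilentlyContinue)

$report = foreach ($vol in Get-BitLockerVolume) {
    $protected = $vol.ProtectionStatus -eq 'On'
    # A recovery prompt can only be answered if a RecoveryPassword protector exists.
    $recovery  = @($vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword')

    if ($EscrowToAD -and $protected) {
        foreach ($kp in $recovery) {
            Backup-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                -KeyProtectorId $kp.KeyProtectorId | Out-Null
        }
    }

    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        MountPoint     = $vol.MountPoint
        VolumeType     = $vol.VolumeType
        Protected      = $protected
        Protectors     = ($vol.KeyProtector.KeyProtectorType -join ',')
        # Only the protector ID is reported, never the 48-digit password itself;
        # the ID is what the recovery screen shows and what the help desk looks up.
        RecoveryKeyIds = ($recovery.KeyProtectorId -join ',')
        HasRecoveryKey = $recovery.Count -gt 0
        KbInstalled    = $patched
    }
}

$report | Format-Table -AutoSize

# A non-zero exit code lets a management tool flag the device as not ready for the update.
$notReady = @($report | Where-Object { $_.Protected -and -not $_.HasRecoveryKey })
if ($notReady.Count -gt 0) { exit 1 }
```

The script confirms that a recovery protector exists on the device; whether the matching key is actually retrievable from the directory or a Microsoft account still has to be verified against that store using the reported key IDs.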

Looking Ahead

With Windows 10 support officially ending on October 14, 2025, KB5058379 represents one of the final major security updates for the operating system. Microsoft recommends transitioning to Windows 11; however, many users and organizations continue to rely on Windows 10 due to hardware compatibility, software dependencies, or organizational policies.

As the end-of-support date approaches, it is crucial for users and organizations to plan their transition strategies carefully, ensuring that systems remain secure and operational. This includes evaluating hardware readiness for Windows 11, assessing software compatibility, and developing comprehensive deployment plans to minimize disruptions.

Conclusion

The KB5058379 update has highlighted the complexities and potential risks associated with system updates, particularly in environments utilizing features like BitLocker. While security updates are essential for protecting systems against vulnerabilities, it is equally important for vendors to ensure that such updates do not inadvertently disrupt system functionality. Users and organizations must remain vigilant, adopt best practices for update management, and be prepared to implement workarounds or seek support when issues arise.