What Is the BitLocker Recovery Mode Bug?

The KB4535680 update was released to Windows systems in January 2021.

The original update was a security update designed to resolve an issue with Secure Boot, a security feature that blocks untrusted operating systems from booting on your computer. Its primary role is to protect against dangerous malware types, such as rootkits and bootkits.

However, a side effect of the KB4535680 security update was the accidental introduction of a bug affecting BitLocker. When triggered, it causes the BitLocker recovery mode function to run, which requests your BitLocker recovery key. You can read the full Microsoft Security Update blog for more information.

The BitLocker recovery mode bug is affecting multiple Windows versions:

Windows Server 2012 x64-bit Windows Server 2012 R2 x64-bit Windows 8. 1 x64-bit Windows Server 2016 x64-bit Windows Server 2019 x64-bit Windows 10, version 1607 x64-bit Windows 10, version 1803 x64-bit Windows 10, version 1809 x64-bit Windows 10, version 1909 x64-bit

If you encounter this error, you should consult the Microsoft BitLocker recovery key guide.

BitLocker Recovery Mode Bug Workaround

There is a workaround available for the BitLocker recovery mode, but it depends on the device configuration. Specifically, how the device’s Credential Guard is configured and whether you’ve already installed the update.

If the device does not have Credential Guard enabled and the update isn’t yet installed, you can run the following commands from an elevated Command Prompt to “suspend BitLocker for 1 reboot cycle:”

You can run the command, install the security update (which includes other useful security fixes), then reboot your system without encountering the BitLocker recovery mode.

If the device does have Credential Guard installed and the update isn’t yet installed, it may require multiple restarts. You can run a different command that increases the BitLocker suspension count to three:

Either way, you don’t have to panic if you encounter the BitLocker recovery mode bug. Microsoft is also working towards a bug fix for this issue.