April 2025 updates break Windows Hello on some PCs

Microsoft says some Windows users might be unable to log into their accounts via Windows Hello after installing the April 2025 security updates.

This known issue impacts both client (Windows 11 24H2) and server (Windows Server 2025) platforms with the KB5055523 cumulative update installed, although only in some specific scenarios.

According to Redmond, devices impacted by these Windows Hello authentication issues include those with the Dynamic Root of Trust for Measurement (DRTM) or System Guard Secure Launch features enabled before deploying the KB5055523 update.

“We’re aware of an edge case of Windows Hello issue affecting devices with specific security features enabled. After installing this update and performing a Push button reset or Reset this PC from Settings > System > Recovery and selecting Keep my Files and Local install, some users might be unable to login to their Windows services using Windows Hello facial recognition or PIN,” Microsoft explains.

“Users might observe a Windows Hello Message saying ‘Something happened and your PIN isn’t available. Click to set up your PIN again’ or ‘Sorry something went wrong with face setup’.”

Until a permanent fix is available, the company also provides the following workarounds for affected Windows users:

• To log in using PIN, follow the Set my PIN prompt on the logon screen to re-enroll into Windows Hello.
• To use Face Logon, re-enroll in Windows Hello Facial Recognition by going to Settings > Accounts > Sign-in options > Facial recognition (Windows Hello) and selecting Set up. Next, follow the on-screen instructions.

On Tuesday, Microsoft fixed another KB5055523 bug that caused authentication issues when Credential Guard was enabled on systems using the Kerberos PKINIT pre-auth security protocol.

Earlier this week, Redmond also introduced a new Windows 11 24H2 safeguard hold for systems with SenseShield Technology’s sprotect.sys driver (used by security or enterprise software) because of incompatibility issues that trigger blue or black screen of death (BSOD) errors.

Other upgrade blocks prompted by incompatible software or hardware have also been applied to Windows devices with Dirac audio improvement software, integrated cameras, or the Easy Anti-Cheat and Safe Exam Browser apps.