Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key

Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical issues for numerous systems.

Users report their devices are unexpectedly booting into Windows Recovery mode and requiring BitLocker recovery keys following the update installation.

Windows 10 KB5058379 is causing PCs to boot into Windows Recovery and require BitLocker key.

– Advertisement –

Despite these widespread reports, Microsoft’s official documentation currently states no known issues with this update.

The problem appears to primarily affect enterprise environments, particularly those utilizing SCCM or WSUS deployment mechanisms.

The KB5058379 update is a critical security patch being distributed universally to Windows 10 systems, including business and enterprise environments.

Technical analysis indicates the update is triggering BitLocker’s hardware validation mechanisms inappropriately during installation.

Under normal circumstances, BitLocker recovery is only prompted when hardware or BIOS configuration changes are detected, as these could potentially signal security compromises.

The issue specifically affects virtualization-based security components that interact with the Trusted Platform Module (TPM).

Systems most frequently encountering this issue include Windows 10 22H2, Windows 10 21H2 LTSC/Enterprise editions, with particular prevalence among Dell, HP, and Lenovo hardware configurations.

Device management systems like SCCM (System Center Configuration Manager) and WSUS (Windows Server Update Services) deployments show heightened susceptibility, suggesting potential policy-related interactions with the security components modified by the update.

Importantly, Windows 11 systems remain unaffected by this particular issue.

Symptoms and Deployment Impact

The primary symptom manifests during the KB5058379 installation process.

The update initiates normally but fails to complete successfully, instead forcing the system into BitLocker recovery mode with the prompt “Enter the recovery key to get going again (Keyboard layout: US)”.

This indicates that the system’s TPM has detected configuration changes significant enough to trigger security lockout protocols.

Some affected systems exhibit additional complications, including Blue Screen of Death (BSOD) errors prior to the BitLocker recovery screen appearing.

We’re seeing reports of Windows 10 KB5058379 causing devices to boot into Windows Recovery or requiring BitLocker recovery keys everywhere, including Reddit.

The technical implications for IT administrators are substantial.

Without proper preparation, this update could potentially trigger organization-wide BitLocker recovery scenarios, necessitating access to recovery keys stored in Active Directory or other management systems.

For environments where these keys are not readily accessible, significant operational disruptions could occur.

Technical Resolution Method

The root cause appears to be a conflict between the Windows 10 KB5058379 update and Intel’s Trusted Execution Technology (TXT) feature.

Implementing the following technical solution before applying the update will prevent the BitLocker recovery trigger:

1. Access the system’s BIOS/UEFI configuration by pressing the appropriate key during boot (typically F2, F10/F12, or Esc, depending on manufacturer).
2. Locate the “Security” section, then navigate to “Virtualization” or “Advanced CPU Settings” subsection.
3. Disable the “Intel TXT” setting, which may alternatively be labeled as “Trusted Execution” or “OS Kernel DMA Support” in some BIOS implementations.
4. Important: The “VT for Direct I/O” (VT-d) setting can remain enabled without causing issues.
5. Save configuration changes and exit the BIOS.

This adjustment specifically targets the virtualization security component that appears to conflict with the update.

Once KB5058379 completes installation successfully, the BitLocker recovery or BSOD issues will not recur, even if Intel TXT is subsequently re-enabled.

Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!