Microsoft is investigating a bug that triggers security alerts on systems with a Trusted Platform Module (TPM) processor after BitLocker is enabled.
BitLocker is a Windows security feature that encrypts storage drives to prevent data theft or exposure. According to Redmond, it “provides maximum protection” when used with a TPM “to ensure that a device hasn’t been tampered with while the system is offline.”
TPMs are dedicated security processors that provide hardware-based security functions and act as trusted hardware components for storing sensitive data, such as encryption keys and various other security credentials.
In an advisory published Tuesday, the company says this known issue also affects unmanaged devices, known as BYOD (short for bring-your-own-device). These are usually personally owned devices used in enterprise environments that can be onboarded or secured using measures provided by each organization’s IT or security team.
On affected Windows 10 and 11 PCs, users will see a “For your security, some settings are managed by your administrator” alert “in the BitLocker control panel and some other places in Windows.”
Microsoft says it’s currently working on a fix and will provide more details about the issue when it has more information.
In April 2024, Microsoft fixed another issue that triggered incorrect BitLocker drive encryption errors in some managed Windows environments. The company tagged this issue in October 2023 as a reporting problem that did not impact drive encryption.
Months later, in August, Redmond addressed another bug causing some Windows devices to boot into BitLocker recovery after installing the Windows security updates.
The same month, it disabled a fix for a BitLocker security feature bypass vulnerability (CVE-2024-38058) due to firmware incompatibility issues that caused patched Windows devices to enter BitLocker recovery mode.
Microsoft announced in June 2021 that TPM 2.0 is a mandatory requirement for installing or upgrading to Windows 11, saying it would make systems more resistant to tampering and sophisticated cyberattacks. However, this hasn’t stopped Windows users from creating various tools, scripts, and techniques to bypass it.
More than three years later, in December 2024, Redmond made it abundantly clear that TPM 2.0 support is a “non-negotiable” requirement, as customers won’t be able to upgrade to Windows 11 without it.
Statcounter Global data currently shows that over 62% of all Windows systems worldwide still run Windows 10, while less than 34% run Windows 11 three years after its October 2021 launch.