Microsoft Windows Server 2025 and Windows 11 23H2 BitLocker recovery fix
Security Patch Release
Summary
Hide ▲
Show ▼
Microsoft shipped KB5094125 for Windows Server 2025 and KB5093998 for Windows 11 23H2 to fix a BitLocker recovery bug tied to the April 2026 security update. The issue could push affected systems into recovery mode after reboot when a specific BitLocker Group Policy and TPM/PCR7 configuration was present. The updates remove the recovery prompt risk, with Known Issue Rollback (KIR) and policy cleanup available as temporary fallback options.
Related Happenings
Microsoft Windows Update installation failures on upgraded Windows 11 PCs
Service Disruption
H score1
First: 10.06.2026 14:33
Last: 10.06.2026 14:33
Sources 1
About this happening:
**Microsoft Windows Update** is failing on a **small percentage of upgraded Windows 11 PCs**, blocking **June 2026 cumulative updates** and producing **0x80073712** or **0x800f099...
Microsoft Windows Update installation failures on upgraded Windows 11 PCs
Service DisruptionAbout this happening: **Microsoft Windows Update** is failing on a **small percentage of upgraded Windows 11 PCs**, blocking **June 2026 cumulative updates** and producing **0x80073712** or **0x800f099...
Microsoft BitLocker recovery prompt workaround
Advisory/Mitigation
H score25
First: 09.06.2026 21:35
Last: 09.06.2026 21:35
Sources 1
How related:
IT admins who can't yet deploy this month's updates to fix the issue are advised to remove the Group Policy configuration before installing KB5082063 and later updates, and to ensure that BitLocker bindings use the PCR7 profile.
About this happening:
Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...
Microsoft BitLocker recovery prompt workaround
Advisory/MitigationHow related: IT admins who can't yet deploy this month's updates to fix the issue are advised to remove the Group Policy configuration before installing KB5082063 and later updates, and to ensure that BitLocker bindings use the PCR7 profile.
About this happening: Microsoft issued a **temporary workaround** for **BitLocker recovery prompts** on some **Windows** systems after recent updates. The issue affects devices configured with a **BitL...
Windows 10 KB5094127 extended security update
Security Patch Release
H score10
First: 09.06.2026 21:35
Last: 09.06.2026 21:35
Sources 1
About this happening:
Microsoft released **Windows 10 KB5094127** for **Windows 10 Enterprise LTSC** and **ESU-enrolled devices**, delivering the **June 2026 Patch Tuesday** security fixes and extendin...
Windows 10 KB5094127 extended security update
Security Patch ReleaseAbout this happening: Microsoft released **Windows 10 KB5094127** for **Windows 10 Enterprise LTSC** and **ESU-enrolled devices**, delivering the **June 2026 Patch Tuesday** security fixes and extendin...
Windows 11 update installation fix (KB5089573)
Security Patch Release
H score14
First: 01.06.2026 13:59
Last: 01.06.2026 13:59
Sources 1
About this happening:
**Microsoft** resolved the **Windows 11 KB5089549** installation failure with **KB5089573**, fixing update rollbacks on devices with limited **EFI System Partition (ESP)** space....
Windows 11 update installation fix (KB5089573)
Security Patch ReleaseAbout this happening: **Microsoft** resolved the **Windows 11 KB5089549** installation failure with **KB5089573**, fixing update rollbacks on devices with limited **EFI System Partition (ESP)** space....
Microsoft Windows Known Issue Rollback guidance for KB5089549
Advisory/Mitigation
H score14
First: 01.06.2026 13:59
Last: 01.06.2026 13:59
Sources 1
About this happening:
Microsoft's **Known Issue Rollback** guidance gives **Windows 11** users and admins a workaround for **KB5089549** installation failures caused by low **EFI System Partition (ESP)...
Microsoft Windows Known Issue Rollback guidance for KB5089549
Advisory/MitigationAbout this happening: Microsoft's **Known Issue Rollback** guidance gives **Windows 11** users and admins a workaround for **KB5089549** installation failures caused by low **EFI System Partition (ESP)...
Timeline
-
11.06.2026 11:44 2 articles · 9h ago
Microsoft fixes BitLocker recovery bug in KB5094125 and KB5093998
Mitigation Patch UpdateMicrosoft resolved a known issue affecting some Windows Server 2025 devices and some Windows 11 23H2 systems where an incompatible BitLocker Group Policy and TPM validation setup could trigger BitLocker Recovery after the April 2026 security update. The fix shipped in KB5094125 and KB5093998, and Microsoft said affected devices may show Event ID 1032 in the System event log when installing Windows updates. Administrators who cannot deploy the updates immediately can remove the group policy before installing KB5082063 and later updates, ensure BitLocker bindings use the PCR7 profile, or apply Known Issue Rollback (KIR) to prevent the 2023-signed Windows Boot Manager switch that triggers the recovery prompt.
Show sources
- Microsoft fixes BitLocker recovery bug on Windows Server 2025 — www.bleepingcomputer.com — 11.06.2026 11:44
- Microsoft fixes BitLocker recovery bug on Windows Server 2025 — www.bleepingcomputer.com — 11.06.2026 11:44