Forum Discussion
BitLocker encrypted fixed drives after BIOS update with no warning
OS: Windows 11 Pro 25H2 Build 26200.8037
M/B: Asus TUF Gaming B850M-Plus Wifi
I had been running a BIOS version which is about 1 year old on a fairly recent motherboard model. I have always had an issue show up where PCR7 binding was not possible. I only run under a local account and did not want BitLocker on anyway so no big deal.
A few days ago, I updated the BIOS to a later version (not the latest). Yesterday I happened to notice that my drives were all encrypted with XTS-AES 128, although BitLocker was not set up. Checking the Event Viewer, I saw BitLocker-API messages confirming that, starting right after the BIOS update, Windows decided, with no warning or indication, to encrypt all my drives. I went to the Settings Drive encryption page (which was not even available before the BIOS update) and saw Drive encryption was on. So I turned it off. The BIOS update must have fixed the PCR7 issue.
Microsoft does know about this machine since I use a subscription to Microsoft-365, but Windows is only running under a Local account. So is this expected behavior that Windows would just willy-nilly encrypt my drives without telling me? What I read tells me it should not have. What's the best way to prevent this?