Forum Discussion

AhBAy2335's avatar
AhBAy2335
Copper Contributor
May 18, 2026

BitLocker recovery still occurring after KB5089549 installation on HP EliteBook

Hi all,   We are experiencing ongoing BitLocker recovery prompts on a Windows 11 enterprise device even after successfully installing KB5089549, which Microsoft states fixes the recent Secure Boot ...
community
Update management
YannickDils's avatar
YannickDils
MCT
May 18, 2026

Not sure if related, but have been facing a lot of issues since the latest April updates on our AVD Farms using Confidential Compute + Disk Encryption Set. All VM's immediately start in bitlocker recovery mode? Have tried the same steps during image build as mentioned above.

  • AhBAy2335's avatar
    AhBAy2335
    Copper Contributor
    May 19, 2026

    Based on the current behavior, this now appears more related to measured boot / PCR measurement drift rather than the original “invalid PCR7 configuration” issue Microsoft documented.

     

    The symptoms seem closely related to the Secure Boot / BitLocker issue discussed in these articles:

     

    https://support.microsoft.com/en-us/topic/may-12-2026-kb5089549-os-builds-26200-8457-and-26100-8457-28ec2a99-4bbe-481d-a340-5c6cf18d9acb

    https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bitlocker-recovery-issue-only-for-windows-11-users/

     

    However, in this case:

     

    KB5089549 installed successfully,

    PCR7 is healthy/bound,

    TPM and Secure Boot are healthy,

    but BitLocker recovery still occurs after reboot.

     

    I suspect there may still be an unresolved interaction involving: