Windows 10 KB5058379 is causing PCs to boot into Windows Recovery and require BitLocker key. Windows Latest received reports that KB5058379 install starts, but ends up at “Enter the recovery key to get going again (Keyboard layout: US)” screen, and there’s a text field to add the recovery key. In some cases, there’s a BSOD as well.
It’s unusual for BitLocker recovery to trigger automatically unless we make a change to the hardware or BIOS settings. Several users told Windows Latest that a BitLocker Recovery (Windows Boot Recovery) is prompted automatically after installing KB5058379, which is rolling out via Windows Update.
Windows 10 KB5058379 is a mandatory security update rolling out for everyone, including businesses or enterprises, and you don’t have a choice but to install the update. I covered it in a post on May 13, and at that point, we weren’t aware of the major issues affecting Windows 10 May 2025 Update.
Microsoft’s support document still states the company is not aware of any new issues. But user reports received by Windows Latest contradict it:
“Hello, are you aware of a KB5058379 causing the devices to lock for a bitlocker recovery key?” one user wrote.
“We come in this morning, and our users start putting in a ticket that the device is stuck at Bitlocker recovery key. When I investigated, I found out that the lab failed to install and that when the device gets locked,” they told me when I asked for more details.
“No BSOD, just Bitlocker recovery screen, and after you enter the key, it will go back to the update and go to the login screen,” they added.
We’re seeing reports of Windows 10 KB5058379 causing devices to boot into Windows Recovery or requiring BitLocker recovery keys everywhere, including Reddit.
In a Reddit thread first spotted by Windows Latest, dozens of users were flagging BitLocker problem, but in addition to that, we also noticed that some encountered the Blue Screen of Death, followed by a BitLocker Recovery screen.
Since it’s a critical security feature, we do not recommend skipping it, but the odds of your computer triggering the BitLocker Recovery screen are high.
Based on reports seen by Windows Latest, the following versions/editions/OEMs of Windows 10 are affected:
- Windows 10 22H2
- Windows 10 21H2 LTSC / Enterprise
- Dell, HP and Lenovo PCs
However, we’re seeing reports mostly from those using SCCM or WSUS, which means consumers won’t run into BSODs or BitLocker in most cases.
How to fix BitLocker Recovery triggered by Windows 10 KB5058379
If you’re getting stuck on the Windows Recovery or BitLocker Recovery screen (“Enter the recovery key to get going again”) after KB5058379, follow these steps:
- You need to reboot into BIOS/UEFI, which can be done by pressing a key after power-on, but the keys are different across all OEMs. On most Dell/HP/Lenovo: press F2, F10/F12, or Esc immediately after power-on to enter BIOS/UEFI.
- In BIOS, look for “Security,” open “Virtualization” or “Advanced CPU Settings.”
- Turn Off “Intel TXT.” It could also be referred to as “Trusted Execution,” or “OS Kernel DMA Support.”
- You can leave “VT for Direct I/O” (or “VT-d”) enabled.
- Save changes and exit BIOS.
The idea is to disable Intel TXT / Trusted Execution and allow KB5058379 to finish installation. If you followed the steps correctly, you won’t run into BitLocker Recovery or BSOD.
Remember that the BSOD or BitLocker is triggered when installing KB5058379, but you won’t have the issue after the update is installed successfully. The catch is that it’s a challenge to install the security patch without turning off Intel TXT / Trusted Execution in BIOS.
Windows 11 is not affected by this issue.
