Windows 10’s May 2025 Update (KB5058379) has been a mess. It’s been causing reboot loops, Blue Screen of Death errors, and even the BitLocker Recovery screen. While Microsoft has no intention to yank the buggy update, the company is rolling out an out-of-band update (KB5061768) to address these issues in Windows 10 21H2/22H2.

Windows 10 KB5058379 roll out kicked off on May 13 as a mandatory security update, and while it shipped with tons of fixes, it also caused havoc for some users. The update triggered boot failures, sending PCs to the BitLocker Recovery screen, which locks the system unless the BitLocker recovery key is entered.

BitLocker recovery screen is typically triggered only when there’s a hardware change or an unauthorised attempt to access the PC. While it’s recommended to always keep the Recovery keys around, we weren’t expecting the BitLocker recovery screen to show up after installing a monthly update.

Bitlocker issue in Windows 10

In our tests, Windows Latest observed that the May 2025 Update has a compatibility problem with Intel TXT, a feature that protects bad actors from modifying BIOS.

Microsoft also admitted that Windows 10 May 2025 Update has a bug where the Intel Trusted Execution (TXT) feature would cause the Local Security Authority Subsystem Service (LSASS) to stop working out of nowhere.

What is LSASS?

LSASS stands for Local Security Authority Subsystem Service, a security feature that powers the 'login' process on Windows. It's required to access your local or Microsoft account.

Since LSASS is needed to boot into Windows, and it’s crashed, you wouldn’t see the desktop and end up on the blue screen.

If BitLocker doesn’t exist, Windows will automatically roll back the patch. But in case you’ve the BitLocker feature turned on, you’re in for more trouble as Windows won’t be able to roll back the botched KB5061768.

Microsoft confirmed it’s working on a workaround, which will be included in the June 2025 Patch.

KB5058379 patches Windows 10 BitLocker issue caused by the May 2025 Update

If you can’t wait for the bug fixes to ship with the next security update, there’s a new update, KB5061768, for affected users.

“Installing KB5061768 fixes a known issue on devices with Intel Trusted Execution Technology (TXT) enabled on 10th generation or later Intel vPro processors,” a Microsoft support staff told Windows Latest.

Microsoft told me that KB5061768 is not offered via Windows Update (Settings > Updates & Security won’t give you the patch).

Download KB5061768

Instead, you’ll need to open the Microsoft Update Catalog, click “Download” next to one of the listed updates, and open the .msu link, which will give you an .msu installer.

Download KB5061768 for Windows 10

Once you’ve installed the update, you’ll no longer run into BitLocker or Blue Screen of Death errors.

But if you don’t want to go through the trouble of installing an update or if you’re stuck on the blue screen with automatic recovery failing, we recommend manually turning off Intel TXT from BIOS, and then installing the out-of-band update.

To turn off Intel TXT and the BitLocker recovery screen loop, follow these steps:

  1. Boot into BIOS by pressing ESC or other keys after powering on. Other keys include F2, F10/F12.
  2. Once you’re in BIOS, look for the Security tab and head to the Virtualisation menu.
  3. Then, under Intel TXT, turn off the toggle. It may be called Trusted Execution or “OS Kernel DMA Support as well.
    Intel TXT
  4. Exit BIOS after saving changes.

Reboot the PC and you’ll be on the desktop again.

About The Author

Mayank Parmar

Mayank Parmar is an entrepreneur who founded Windows Latest. He is the Editor-in-Chief and has written on various topics in his seven years of career, but he is mostly known for his well-researched work on Microsoft's Windows. His articles and research works have been referred to by CNN, Business Insiders, Forbes, Fortune, CBS Interactive, Microsoft and many others over the years.

RELATED ARTICLESMORE FROM AUTHOR