Microsoft has quietly fixed a bug that was forcing some Windows Server 2025 machines straight into BitLocker recovery mode after applying the April 2026 security update. For affected admins, every reboot became a headache — typing in recovery keys just to get back to a working system.
The issue didn’t strike everyone, but when it hit, it was disruptive. Servers that had been running fine suddenly demanded BitLocker recovery credentials on startup, effectively locking out automated processes and anyone without the key on hand. The root cause appears to have been a change in how the update interacted with the TPM and boot configuration, triggering a false positive that the system integrity had been compromised.
If you’re running Server 2025 and noticed this behavior after April’s patch cycle, the fix should already be available through Windows Update. It’s worth double-checking that your recovery keys are backed up regardless — this kind of bug is a good reminder that BitLocker and automation don’t always play nice together.
Source: Bleeping Computer
