Here’s an interesting tidbit that’s making the rounds right now. KB5012170 appeared on August 9 on the latest Patch Tuesday. According to various sources — see this Neowin story, for example — some users’ PCs boot into BitLocker Recovery after the mandatory post-update restart, rather than business as usual. Thus, applying KB5012170 can provoke BitLocker Recovery (though unintentionally).
Of those affected, some have been able to get back to rights by applying the PC’s BitLocker Recovery key. Others have had to update their UEFI before that key application “takes.” In my case, I apparently dodged that bullet, because none of my production Windows 11 machines (four Lenovo laptops of various descriptions, and a Ryzen 5800X desktop) fell prey to this gotcha.
You can see the “success” report for this KB item boxed in red in the lead-in graphic for this story, in fact…
If KB5012170 Can Provoke BitLocker Recovery, Then What?
BitLocker keys can be stored in at least three ways. 1. On paper, 2. Electronically (usually on a USB drive). 3. Associated with a specific MSA (Microsoft Account). I prefer method 3 because it’s easy to set up and MS manages it automatically on your behalf.
You must log into your MSA online (I go through account.microsoft.com). Then go to Devices, and pick the affected PC. Next, click on Info & Support. There you’ll find a Bitlocker data protection item that includes a link to “Manage recovery keys.” That’s what you want. It will show you recovery keys for all the devices associated with that MSA (I show 11, of which I’m actually using 2, so I just got rid of the rest after saving a backup copy to an encrypted disk).
BTW, that means it’s essential to add all devices you might ever want to recover to your chosen MSA. Do so right away, if you haven’t already!