Latest patch leaves some Windows 10 machines stuck in recovery loops
(2025/05/19)
- Reference: 1747659991
- News link: https://www.theregister.co.uk/2025/05/19/windows_10_txt_loop/
- Source link:
As Microsoft's Build developer shindig begins, many users are once again facing a familiar problem: broken Windows.
The [1]affected versions this time? Windows 10 22H2 and Windows 10 Enterprise LTSC 2021 (for anyone who was hoping to dodge the upcoming end of Windows 10 support with a [2]crafty switch to an alternative ).
If a customer is running a device with Intel Trusted Execution Technology (TXT) enabled on a tenth-generation or later Intel processor with vPro support, has BitLocker enabled, and obediently installed the [3]KB5058379 patch released on May 13, then they'd better have their BitLocker key handy.
[4]
According to Microsoft, the patch "might cause lsass.exe to terminate unexpectedly, triggering an Automatic Repair."
[5]
[6]
Microsoft warned that affected systems might either make several attempts to install the update before Startup Repair rolls back to the previously installed update, or Startup Repair could go into a reboot loop, "which again initiates an Automatic Repair, returning the device to the BitLocker recovery screen."
"Consumer devices typically do not use Intel vPro processors and are less likely to be impacted by this issue," the company said. A great comfort to administrators faced with digging out BitLocker recovery keys thanks to what some might consider Microsoft's inadequate testing practices.
[7]
In addition to releasing the broken patch, Microsoft [8]announced on May 13 that it would lay off thousands of employees.
[9]Microsoft winnows: Layoffs hit software engineers hard
[10]Microsoft pulls MS365 Business Premium from nonprofits
[11]Microsoft proposes sweeping global concessions to Teams for up to a decade
[12]Microsoft blows deadline for special Azure for EU hosters
Hopefully, sufficient staff remain to deal with the problem. Microsoft: "We are urgently working on a resolution for this issue, with plans to release an Out-of-band update to the Microsoft Update Catalog in the coming days."
Until the update arrives, there are several workarounds for the issue posted on [13]social media , one of which involves disabling TXT on afflicted machines. Doing so, however, risks opening hardware up to attack.
[14]According to Intel: "Intel Trusted Execution Technology provides these mechanisms by enabling an environment where applications can run within their own space – protected from all other software on the system." Switching it off could therefore introduce serious security risks.
Administrators are stuck between a rock and a hard place. Postponing the update, which contains useful fixes, is not ideal. However, neither is running the risk of leaving users with borked devices due to Microsoft's latest misadventure in validation.
[15]
The Register asked Microsoft for a resolution timeline, and will update this piece should the company respond. ®
Get our [16]Tech Resources
[1] https://learn.microsoft.com/en-gb/windows/release-health/status-windows-10-22h2#3555msgdesc
[2] https://www.theregister.com/2025/04/22/windows_10_ltsc/
[3] https://support.microsoft.com/en-gb/topic/may-13-2025-kb5058379-os-builds-19044-5854-and-19045-5854-0a30e9ee-5038-45dd-a5d7-70a8813a5e39
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2025/05/13/microsoft_layoff/
[9] https://www.theregister.com/2025/05/16/microsofts_axe_software_developers/
[10] https://www.theregister.com/2025/05/16/microsoft_pulls_ms365_business_premium/
[11] https://www.theregister.com/2025/05/16/microsoft_proposes_sweeping_global_concessions/
[12] https://www.theregister.com/2025/05/16/cispe_and_microsoft_abandon_dreams/
[13] https://www.reddit.com/r/sysadmin/comments/1klcpkl/comment/ms709tp/
[14] https://www.intel.com/content/www/us/en/developer/articles/tool/intel-trusted-execution-technology.html
[15] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[16] https://whitepapers.theregister.com/
The [1]affected versions this time? Windows 10 22H2 and Windows 10 Enterprise LTSC 2021 (for anyone who was hoping to dodge the upcoming end of Windows 10 support with a [2]crafty switch to an alternative ).
If a customer is running a device with Intel Trusted Execution Technology (TXT) enabled on a tenth-generation or later Intel processor with vPro support, has BitLocker enabled, and obediently installed the [3]KB5058379 patch released on May 13, then they'd better have their BitLocker key handy.
[4]
According to Microsoft, the patch "might cause lsass.exe to terminate unexpectedly, triggering an Automatic Repair."
[5]
[6]
Microsoft warned that affected systems might either make several attempts to install the update before Startup Repair rolls back to the previously installed update, or Startup Repair could go into a reboot loop, "which again initiates an Automatic Repair, returning the device to the BitLocker recovery screen."
"Consumer devices typically do not use Intel vPro processors and are less likely to be impacted by this issue," the company said. A great comfort to administrators faced with digging out BitLocker recovery keys thanks to what some might consider Microsoft's inadequate testing practices.
[7]
In addition to releasing the broken patch, Microsoft [8]announced on May 13 that it would lay off thousands of employees.
[9]Microsoft winnows: Layoffs hit software engineers hard
[10]Microsoft pulls MS365 Business Premium from nonprofits
[11]Microsoft proposes sweeping global concessions to Teams for up to a decade
[12]Microsoft blows deadline for special Azure for EU hosters
Hopefully, sufficient staff remain to deal with the problem. Microsoft: "We are urgently working on a resolution for this issue, with plans to release an Out-of-band update to the Microsoft Update Catalog in the coming days."
Until the update arrives, there are several workarounds for the issue posted on [13]social media , one of which involves disabling TXT on afflicted machines. Doing so, however, risks opening hardware up to attack.
[14]According to Intel: "Intel Trusted Execution Technology provides these mechanisms by enabling an environment where applications can run within their own space – protected from all other software on the system." Switching it off could therefore introduce serious security risks.
Administrators are stuck between a rock and a hard place. Postponing the update, which contains useful fixes, is not ideal. However, neither is running the risk of leaving users with borked devices due to Microsoft's latest misadventure in validation.
[15]
The Register asked Microsoft for a resolution timeline, and will update this piece should the company respond. ®
Get our [16]Tech Resources
[1] https://learn.microsoft.com/en-gb/windows/release-health/status-windows-10-22h2#3555msgdesc
[2] https://www.theregister.com/2025/04/22/windows_10_ltsc/
[3] https://support.microsoft.com/en-gb/topic/may-13-2025-kb5058379-os-builds-19044-5854-and-19045-5854-0a30e9ee-5038-45dd-a5d7-70a8813a5e39
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2025/05/13/microsoft_layoff/
[9] https://www.theregister.com/2025/05/16/microsofts_axe_software_developers/
[10] https://www.theregister.com/2025/05/16/microsoft_pulls_ms365_business_premium/
[11] https://www.theregister.com/2025/05/16/microsoft_proposes_sweeping_global_concessions/
[12] https://www.theregister.com/2025/05/16/cispe_and_microsoft_abandon_dreams/
[13] https://www.reddit.com/r/sysadmin/comments/1klcpkl/comment/ms709tp/
[14] https://www.intel.com/content/www/us/en/developer/articles/tool/intel-trusted-execution-technology.html
[15] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/oses&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aCtVnR3ezlDjyunEIghbJwAAAAE&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[16] https://whitepapers.theregister.com/
Re: So how much compensation will MS pay users for this?
ecofeco
Above the law?
They ARE the law! (just ask them)
Wait... Bitlocker?
ecofeco
Bitlocker, eh? Yeah, mystery solved.
The root cause?
Mike 137
" a device with Intel Trusted Execution Technology (TXT) enabled on a tenth-generation or later Intel processor with vPro support, has BitLocker enabled, and obediently installed the KB5058379 patch... "
I've come to the conclusion the fundamental problem is that, due to a very apparent long standing practice of "tinker development", the OS has got so convoluted that it's impossible to reliably predict the effect of any changes/"updates"/fixes. So it's not so much that M$ doesn't care (although they indeed might not) but that the entire development process is utterly out of control because nobody on the dev teams really understands how the damned thing works any more.
Old joke
Gene Cash
9:30am: Developer A (among others) was laid off.
9:40am: Customer Support Rep B was asked the status of very important bug-fix for very important customer.
9:45am: CSR B answers "You'll need to ask Developer A. He was working on it."
So how much compensation will MS pay users for this?
Just kidding. I know MS is above the law.