Solved

Can a Windows 7 WSUS update cause prompt for bitlocker recovery key

Posted on 2014-12-09
4
2,140 Views
Last Modified: 2016-02-21
Hi Experts,
Requiring your advise, running with Windows 7 x64 Ultimate in our environment, and we encrypting HDD's using bitlocker, recently some desktop machines built using SCCM is prompting for a bitlocker recovery key post installation,
Our build process involves deployment of image using SCCM 2012, post build the HDD encrypts and windows updates get's applied to workstations via WSUS, a claim was made that a recent Microsoft update has caused this behaviour (IE: prompt for bit locker recovery key)
our WSUS is only configured to download critical OS and Office updates, nothing hardware specific,
In your expert opinion, do u think this behaviour could have been triggered by a windows update?
0
Comment
Question by:craigleenz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 40488684
Hi.

No, I am sure it won't have been a windows update. Our whole network is bitlocked for more than half a year now and we install updates on all machines as soon as they come out. Never did it happen.

Whenever I have seen that (yes I have, but it was with vista many years ago), it turned out to have been something else, mostly people having played with BIOS settings - the TPM chip does not like that.
0
 

Author Comment

by:craigleenz
ID: 40489314
Thanks,the articles I come across also doesn't seem to indicate it's an windows update, but I guess I'd need to something that definitivevely rules this out as the cause
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 40489866
Ok, would it be enough to rule it out theoretically?
Because there's a list that shows what triggers the recovery key prompt.
http://blogs.technet.com/b/askcore/archive/2010/08/04/issues-resulting-in-bitlocker-recovery-mode-and-their-resolution.aspx
Updates are nowhere to be seen...but in the question at the very end. ;-)
More here: http://technet.microsoft.com/en-us/library/hh831507.aspx
"What causes BitLocker to start into recovery mode when attempting to start the operating system drive?"
many hints.

Another hint is this: if you use a tpm, the TPM monitors some things. If one of those is changed, the recovery password is being asked for. Those so-called PCRs are listed here: http://technet.microsoft.com/de-de/library/ee706521(v=ws.10).aspx (search for pcr inside that website).

No, definitely not updates.
0
 

Author Closing Comment

by:craigleenz
ID: 40501437
thanks
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Businesses who process credit card payments have to adhere to PCI Compliance standards. Here’s why that’s important.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question