Can a Windows 7 WSUS update cause prompt for bitlocker recovery key

Hi Experts,
Requiring your advise, running with Windows 7 x64 Ultimate in our environment, and we encrypting HDD's using bitlocker, recently some desktop machines built using SCCM is prompting for a bitlocker recovery key post installation,
Our build process involves deployment of image using SCCM 2012, post build the HDD encrypts and windows updates get's applied to workstations via WSUS, a claim was made that a recent Microsoft update has caused this behaviour (IE: prompt for bit locker recovery key)
our WSUS is only configured to download critical OS and Office updates, nothing hardware specific,
In your expert opinion, do u think this behaviour could have been triggered by a windows update?
Craig PaulsenSystems EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

McKnifeCommented:
Hi.

No, I am sure it won't have been a windows update. Our whole network is bitlocked for more than half a year now and we install updates on all machines as soon as they come out. Never did it happen.

Whenever I have seen that (yes I have, but it was with vista many years ago), it turned out to have been something else, mostly people having played with BIOS settings - the TPM chip does not like that.
0
Craig PaulsenSystems EngineerAuthor Commented:
Thanks,the articles I come across also doesn't seem to indicate it's an windows update, but I guess I'd need to something that definitivevely rules this out as the cause
0
McKnifeCommented:
Ok, would it be enough to rule it out theoretically?
Because there's a list that shows what triggers the recovery key prompt.
http://blogs.technet.com/b/askcore/archive/2010/08/04/issues-resulting-in-bitlocker-recovery-mode-and-their-resolution.aspx
Updates are nowhere to be seen...but in the question at the very end. ;-)
More here: http://technet.microsoft.com/en-us/library/hh831507.aspx
"What causes BitLocker to start into recovery mode when attempting to start the operating system drive?"
many hints.

Another hint is this: if you use a tpm, the TPM monitors some things. If one of those is changed, the recovery password is being asked for. Those so-called PCRs are listed here: http://technet.microsoft.com/de-de/library/ee706521(v=ws.10).aspx (search for pcr inside that website).

No, definitely not updates.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Craig PaulsenSystems EngineerAuthor Commented:
thanks
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.