By Sergiu Gatlan on Tuesday, 10 October 2023
Category: Security

Microsoft warns of incorrect BitLocker encryption errors

Microsoft warned customers this week of incorrect BitLocker drive encryption errors being shown in some managed Windows environments. 

According to Redmond, this known issue affects only client platforms, including Windows 11 21H2/22H2, Windows 10 21H2/22H2, and Windows 10 Enterprise LTSC 2019.

The issue also only impacts environments where drive encryption is enforced for OS and fixed drives.

Microsoft says Intune, its cloud-based unified endpoint management service, is one of the MDM platforms affected by the known issue. Still, it has not revealed what other MDM apps show these erroneous BitLocker errors.

'Using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in the BitLocker configuration service provider (CSP) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the 'Require Device Encryption' setting for some devices in your environment," the company said on the Windows Health dashboard.

"Affected environments are those with the 'Enforce drive encryption type on operating system drives' or 'Enforce drive encryption on fixed drives' policies set to enabled and selecting either 'full encryption' or 'used space only'." 

Just a reporting issue waiting for a fix

Microsoft also clarified that this issue is caused by a reporting problem, and it does not impact drive encryption or the reporting of other device problems, including other BitLocker problems on MDM-enrolled Windows devices.

To address this, admins can enable the "not configured" setting for the "Enforce drive encryption type on operating system drives" or "Enforce drive encryption on fixed drives" policies in Microsoft Intune.

The company added that it's actively working on resolving the issue and will provide more details with an upcoming update.

Earlier this year, Redmond fixed a known issue impacting WSUS (Windows Server Update Services) servers upgraded to Windows Server 2022, which caused them to stop pushing Windows 11 22H2 updates to enterprise endpoints.

The same month, it fixed another bug causing video recording and playing failures in apps using the WVC1 codec on Windows 10 and Windows 11 systems. 

Related Posts

Leave Comments