Windows update KB5012170 causing boot problems and BitLocker recovery screens

Windows users who installed the latest Secure Boot security update, KB5012170, have reported a variety of problems, from boot failures to performance problems.

As soon as a device is turned on, a UEFI bootloader is responsible for starting the UEFI environment with the Secure Boot feature, which allows only trusted code to execute when the Windows boot process begins.

Microsoft published the standalone KB5012170 “Security update for Secure Boot DBX” during the August 2022 Patch Tuesday to address vulnerabilities discovered in a number of UEFI bootloaders that threat actors could exploit to bypass Windows Secure Boot and run unsigned code.

To address these issues, Microsoft added the certificates needed to load the vulnerable UEFI bootloaders to the Secure Boot Forbidden Signature Database (DBX), which bars them from being used with Secure Boot.

However, installing the KB5012170 update will fail with error code 0x800f0922 if your device doesn’t have a functioning bootloader, which is fortunate, because otherwise the device would not be able to boot.

According to Microsoft, you can resolve this issue by asking the manufacturer of your device for updated UEFI firmware.

KB5012170 is causing a lot of problems

In addition to the 0x800f0922 error, Windows users are now reporting other issues after applying the KB5012170 update.

Some Windows users are seeing BitLocker recovery screens after applying the update, as The Register first reported. One of its readers reported that after applying the update, 2% of Windows 11 computers displayed BitLocker recovery screens.

The same behaviour is being reported by other users on Twitter, Reddit, and the Microsoft Answers site.