CO-managment Windows Updates - suspend bitlocker?

Belgian Malinois 461 Reputation points
2024-07-19T14:25:46.9333333+00:00

How can I suspend Bitlocker during SCCM / WSUS software updates in order to prevent the need to recover? Is moving it to a task sequence the only way?

Microsoft Configuration Manager
0 comments No comments
{count} votes

Accepted answer
  1. AllenLiu-MSFT 47,886 Reputation points Microsoft Vendor
    2024-07-22T02:46:32.8333333+00:00

    Hi, @Belgian Malinois

    Thank you for posting in Microsoft Q&A forum.

    According to the BitLocker FAQ provided by Microsoft, no user action is required for BitLocker in order to apply updates from Microsoft, including Windows quality updates and feature updates. However, users need to suspend BitLocker for Non-Microsoft software updates, such as TPM firmware updates if these updates clear the TPM outside of the Windows API, non-Microsoft application updates that modify the UEFI\BIOS configuration, manual or non-Microsoft updates to secure boot databases (only if BitLocker uses Secure Boot for integrity validation), updates to UEFI\BIOS firmware, installation of additional UEFI drivers, or UEFI applications without using the Windows update mechanism (only if BitLocker doesn't use Secure Boot for integrity validation during updates).

    To suspend BitLocker protection, users can use the Control Panel or PowerShell. After the updates are installed, BitLocker protection can be resumed.

    Moving BitLocker to a task sequence is not the only way to suspend BitLocker during SCCM/WSUS software updates. Users can use the Control Panel or PowerShell to suspend BitLocker protection.


    References:


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Add comment".

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.