question

ZMartin-5528 avatar image
0 Votes"
ZMartin-5528 asked MTG-3890 commented

Can bitlocker create problems during upgrades or updates?

Hello,

I posting to see how medium to large organizations that utilize bitlocker are able to not worry about updates or upgrades with bitlocker.

Is there a common management process that allows for this to function consistently?

Can updates / upgrades be automated with bitlocker enabled?

These are issue I can see becoming a larger problem with bitlocker being enabled.

Thanks!

windows-10-security
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If you get help from our reply, please click "Accept Answer" on a reply to help other community members find the helpful reply quickly.
If you resolve issue using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

0 Votes 0 ·
TeemoTang-MSFT avatar image
0 Votes"
TeemoTang-MSFT answered

Hello,

No one can guarantee a completely normal upgrade on many computers, but BitLocker will not create problems during upgrades or updates in theory, you don’t need to worry about BitLocker enabled PCs have specifical BitLocker related trouble during upgrade.
Microsoft document explains this:

Can I upgrade to Windows 10 with BitLocker enabled?
Yes.
Do I have to suspend BitLocker protection to download and install system updates and upgrades?
No user action is required for BitLocker in order to apply updates from Microsoft, including Windows quality updates and feature updates.
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq#can-i-upgrade-to-windows-10-with-bitlocker-enabled-


If the Answer is helpful, please click "Accept Answer" and upvote it.
Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MTG-3890 avatar image
0 Votes"
MTG-3890 answered

You asked the same on Experts-Exchange.com and should have linked it here, so that no duplicate answers are given:
https://www.experts-exchange.com/questions/29218461/Can-bitlocker-create-issue-with-automation-and-updates.html

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MTG-3890 avatar image
0 Votes"
MTG-3890 answered MTG-3890 commented

By the way, the Microsoft documentation that you link is plain incorrect, @TeemoTang-MSFT
Of course you need to suspend BL for updates unless you run without preboot authentication active.
So only upgrades do suspend BL automatically, but not updates!

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Of course you could suspend BitLocker during upgrade/update, that's a prudent method. However, Microsoft's document is not wrong, in my company, all computers are encrypted by BitLocker, both of OS partition and data partitions, we have upgraded computers to 21H1 integrally from different versions(1909, 20H1, 20H2), didn't suspend BitLocker, and upgrade process is successful.

0 Votes 0 ·

Teemo, you didn_t understand what I wrote. Please try again :-) : "only upgrades do suspend BL automatically, but not updates"

0 Votes 0 ·

So for the preboot authentication example would be for a PC with no TPM module that would require it.
Disabling bitlocker during the update?

0 Votes 0 ·

See reply @experts-exchange

0 Votes 0 ·