Microsoft has confirmed a new bug that is related to BitLocker.  The issue impacts Windows 10 and Windows 11 devices, including the very latest versions.

Windows may unexpectedly display a message about Bitlocker settings

Users may notice a message being displayed in the Control Panel page for BitLocker Encryption on their computer. The message reads as follows: "For your security, some settings are managed by your administrator."

According to a support page referred to as KB5051141 on Microsoft's website, the message is displayed on PCs that have BitLocker enabled. More specifically, the message may appear on unmanaged devices which use the Trusted Platform Module (TPM).

A managed device is one that is handled by a company, organization or school's IT department. This could cause some confusion among users, especially if they are the sole user of a PC, e.g. a home computer. Naturally, people may worry whether they have been hacked, or if their system has been hit by a virus. Hey, my computer is not managed, why am I seeing this message?

Relax! There is no need to panic if you come across the message on your computer, it is not going to break your PC, as it is not an error per se. Windows just seems to be reporting the status incorrectly, and that is why Microsoft has published the document, to reassure people that it is a known issue, i.e. there is nothing wrong with your PC.

As for fixing the problem, there is no workaround for removing the annoying message at the moment. Microsoft says it is working on a solution to resolve the error.

That being said, BitLocker has been rather buggy for quite a while. Last year, it was said to have allegedly slowed down SSDs by up to 45%. And then there was an issue that was caused by a faulty Windows Update that sent PCs booting into BitLocker recovery. This issue, which also affected both Windows 10 and Windows 11, was resolved in August 2024. But that didn't fix everything.

More recently, a security researcher called Thomas Lambertz, demonstrated a bitpixie attack at the Chaos Communication Congress, to show how easy it was to breach BitLocker by exploiting Secure Boot's encryption with a custom Linux system. He explained that this method is used by law enforcement agencies, and companies like Cellebrite, in order to gain access to encrypted PCs without a password.  This vulnerability has remained unpatched since 2022, which is rather alarming. It could essentially allow hackers to steal information very easily, especially from stolen laptops. Lambertz advised users to set up a PIN for BitLocker, in addition to a Windows PIN, to ensure that their data is protected from hackers. However, setting a BitLocker PIN is not possible on Home Editions of Windows. I recommend watching the video here to learn more about the vulnerability.

It is worth noting that BitLocker is enabled by default on clean Windows installations, this change was introduced as part of the Windows 11 24H2 feature update.

On a side note, Microsoft has released the Windows security updates for January 2025, you can read Martin's article for more details.