This week, there have been a couple of major news related to BitLocker. Microsoft has failed to deliver on its promise of an automatic fix for "0x80070643 - ERROR_INSTALL_FAILURE" messages when trying to install WinRE updates that patch a BitLocker encryption vulnerability.
On the other side, there is some good news too as the company finally confirmed it had fixed a "65000" BitLocker reporting error that was affecting mainly Intune. And it looks like we have more BitLocker news to follow up.
German news outlet Deskmodder reports that the next major Windows 11 version, 24H2, also called the 2024 update, may enable BitLocker by default during installation, and this may seemingly be happening across multiple editions of Windows 11, including Home.
The site noticed the change when running a Windows 11 24H2 installation using the new redesigned Setup, that we had a look at back in January. Thankfully, there is the option to disable Device Encryption inside Privacy & security in Settings.
In the report, Deskmodder has penned down its observation (Google-translated to English):
Windows 11 24H2 comes with a revised setup. The new installation does not start with the “blue windows”, but similar to inplace. But what can happen during a new installation is that the drives can be encrypted with Bitlocker in the background.
This not only affects Windows 11 24H2 Pro and higher, as some would suspect, but also Windows 11 Home.
Encrypting drives using BitLocker is not new in the Windows 11 PC landscape. Several OEMs already do it on Pro machines, though this time, as the report suggests, the option will apparently be on the Home edition too.
Interestingly, it has been found that the default software-based BitLocker encryption (XTS-AES 128) on Windows, leads to significant performance loss even on some of the fastest data drives, like a PCIe Gen4 NVMe SSD.
And worse, an unsuspecting user could completely miss the fact that their device is encrypted and recovery of the encrypted data can prove problematic or potentially impossible in case the key is misplaced, or not saved properly.
Source: Deskmodder