Microsoft has updated the mitigation guidance for CVE-2026-45585, a vulnerability involving Windows BitLocker security feature bypass. The update replaces the previously documented manual mitigation steps with a deployment script that reduces exposure while a future security update is in development.
The vulnerability impacts a limited set of platforms: Windows 11 versions 26H1, 25H2, and 24H2, and Windows Server 2025. The updated mitigation guidance and script are now available.
Environments that have already implemented the original manual mitigation steps do not need to take further action, as the newly released script only simplifies deployment of the existing mitigation.
All WSU IT units managing systems running the impacted Windows versions are encouraged to review the updated guidance and determine applicability within their environments.
Microsoft recommends prioritizing mitigation in scenarios where devices are more likely to be removed from controlled environments or at increased risk of loss or theft, such as systems used for remote work or business travel.
The Microsoft Security Update Guide entry for CVE-2026-45585 provides full details, including access to the mitigation script and implementation instructions.