Favorite your Message Center and Roadmap items. Access them anytime via your Profile. Export and share with your team or your LLM.

(Updated) Take action: Mitigation guidance updated with a new script for CVE-2026-45585

Message ID
MC1318295
View in Message Center
Service
Windows
Category
preventOrFixIssue
Tags
Major Change Admin impact
Rollout
June 2026

Details

Updated June 9, 2026: This message has been updated to reflect the availability of the June 2026 security update, which addresses CVE‑2026‑45585. If you have applied the temporary mitigations documented prior to this update’s release, you do not need to revert it once you install the update.

Microsoft has updated the mitigation guidance in CVE-2026-45585, a Windows BitLocker security feature bypass vulnerability. The June 2026 security update that addresses this vulnerability is now available. Note that a limited set of Windows versions are affected: Windows 11, versions 26H1, 25H2, and 24H2, and Windows Server 2025.

When will this happen:
The June 2026 security update and the updated mitigation guidance are available now.

How this will affect your organization:
Microsoft recommends applying the June 2026 security update to address this vulnerability. Windows devices that use BitLocker may be exposed if mitigations are not applied. Organizational environments that previously implemented the manual mitigation steps or the mitigation script do not need to take additional action, and the previously applied mitigation does not need to be reverted.
 
What you need to do to prepare:
Organizational environments using BitLocker on affected Windows versions should review the updated guidance in the Microsoft Security Update Guide to determine the appropriate action for their environment.

Additional information:         

Change History

Show
June 9, 2026 at 8:30 PM Updated
Title
Previous
Take action: Mitigation guidance updated with a new script for CVE 2026 45585
New
(Updated) Take action: Mitigation guidance updated with a new script for CVE-2026-45585
Last Updated Date
Previous
2026-05-21T23:31:01.260Z
New
2026-06-09T17:28:09.287Z
Body Content
Previous
<div>Microsoft has updated the mitigation guidance in <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585" rel="noopener noreferrer" target="_blank">CVE-2026-45585</a>, a Windows BitLocker security feature bypass vulnerability. The updated guidance replaces previously documented manual mitigation steps with a <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585#faq" rel="noopener noreferrer" target="_blank">script</a> that helps reduce exposure while a future security update is developed to address this vulnerability. Note that a limited set of Windows versions are affected: Windows 11, versions 26H1, 25H2, and 24H2, and Windows Server 2025.</div><div><br></div><div><b>When will this happen:</b></div><div>The updated mitigation guidance and <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585#faq" rel="noopener noreferrer" target="_blank">script</a> are available now.</div><div><br></div><div><b>How this will affect your organization:</b></div><div>Windows devices that use BitLocker may be exposed to this vulnerability if mitigations are not applied. Organizational environments that previously implemented the documented manual mitigation steps do not need to take additional action, as the script only simplifies deployment of the existing mitigation.</div><div><br></div><div>Organizations that have not yet taken action should assess their exposure to this vulnerability and determine whether mitigation is appropriate. Microsoft recommends that organizations consider implementing this mitigation if devices and data may be at risk of being compromised or stolen. For example, this may apply if your organization’s employees take their work devices home or on business travel.</div><div><b>&nbsp;</b></div><div><b>What you need to do to prepare:</b></div><div>Organizational environments using BitLocker on affected Windows versions should review the updated guidance in the Microsoft Security Update Guide to determine whether applying the mitigation is necessary.</div><div><br></div><div><b>Additional information:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</b></div><ul><li><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585" rel="noopener noreferrer" target="_blank">CVE-2026-45585: Windows BitLocker Security Feature Bypass Vulnerability</a></li></ul>
New
<div>Updated June 9, 2026: This message has been updated to reflect the availability of the June 2026 security update, which addresses CVE‑2026‑45585. If you have applied the temporary mitigations documented prior to this update’s release, you do not need to revert it once you install the update.</div><div><br></div><div>Microsoft has updated the mitigation guidance in <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585" rel="noopener noreferrer" target="_blank">CVE-2026-45585</a>, a Windows BitLocker security feature bypass vulnerability. The June 2026 security update that addresses this vulnerability is now available. Note that a limited set of Windows versions are affected: Windows 11, versions 26H1, 25H2, and 24H2, and Windows Server 2025.</div><div><br></div><div><b>When will this happen:</b></div><div>The June 2026 security update and the updated mitigation guidance are available now.</div><div><br></div><div><b>How this will affect your organization:</b></div><div>Microsoft recommends applying the June 2026 security update to address this vulnerability. Windows devices that use BitLocker may be exposed if mitigations are not applied. Organizational environments that previously implemented the manual mitigation steps or the mitigation script do not need to take additional action, and the previously applied mitigation does not need to be reverted.</div><div><b>&nbsp;</b></div><div><b>What you need to do to prepare:</b></div><div>Organizational environments using BitLocker on affected Windows versions should review the updated guidance in the Microsoft Security Update Guide to determine the appropriate action for their environment.</div><div><br></div><div><b>Additional information:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</b></div><ul><li><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585" rel="noopener noreferrer" target="_blank">CVE-2026-45585: Windows BitLocker Security Feature Bypass Vulnerability</a></li></ul>

Never Miss a Microsoft 365 Update

Join thousands of IT professionals who rely on DeltaPulse for real-time Microsoft 365 change intelligence, automated notifications, and community insights.