BugZero found this defect 223 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/26/2024
Windows 11
Windows 10
Windows 10 Enterprise LTSC 2019
21H2
22H2
23H2
all
Published: 2024-04-26T23:02:48.247+00:00 ---------------------------------------- Using the FixedDrivesEncryptionType (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp#fixeddrivesencryptiontype) or SystemDrivesEncryptionType (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp#systemdrivesencryptiontype) policy settings in the BitLocker configuration service provider (CSP) (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment. Affected environments are those with the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies set to enabled and selecting either "full encryption" or "used space only". Microsoft Intune is affected by this issue but third-party MDMs might also pe affected. Important: This issue is a reporting issue only and does not affect drive encryption or the reporting of other issues on the device, including other BitLocker issues. Workaround: To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies to not configured. Resolution: This issue was resolved by Windows updates released February 13, 2024 (KB5034763 (https://support.microsoft.com/help/5034763)), and later. We recommend you install the latest security update for your device. It contains important improvements and issue resolutions, including this one. Affected platforms: - Client: Windows 11, version 23H2; Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10 Enterprise LTSC 2019 - Server: None Click here (https://admin.microsoft.com/Adminportal/Home?#/windowsreleasehealth/:/wrhpreferences) to manage email notifications for Windows known issues Published: 2023-10-31T17:05:13.32+00:00 ---------------------------------------- Using the FixedDrivesEncryptionType (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp#fixeddrivesencryptiontype) or SystemDrivesEncryptionType (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp#systemdrivesencryptiontype) policy settings in the BitLocker configuration service provider (CSP) (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment. Affected environments are those with the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies set to enabled and selecting either "full encryption" or "used space only". Microsoft Intune is affected by this issue but third-party MDMs might also pe affected. Important: This issue is a reporting issue only and does not affect drive encryption or the reporting of other issues on the device, including other BitLocker issues. Workaround: To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies to not configured. Next steps: We are working on a resolution and will provide an update in an upcoming release. Affected platforms: - Client: Windows 11, version 23H2; Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10 Enterprise LTSC 2019 - Server: None Published: 2023-10-09T22:09:21.143+00:00 ---------------------------------------- Using the FixedDrivesEncryptionType (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp#fixeddrivesencryptiontype) or SystemDrivesEncryptionType (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp#systemdrivesencryptiontype) policy settings in the BitLocker configuration service provider (CSP) (https://learn.microsoft.com/windows/client-management/mdm/bitlocker-csp) node in mobile device management (MDM) apps might incorrectly show a 65000 error in the "Require Device Encryption" setting for some devices in your environment. Affected environments are those with the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies set to enabled and selecting either "full encryption" or "used space only". Microsoft Intune is affected by this issue but third-party MDMs might also pe affected. Important: This issue is a reporting issue only and does not affect drive encryption or the reporting of other issues on the device, including other BitLocker issues. Workaround: To mitigate this issue in Microsoft Intune, you can set the “Enforce drive encryption type on operating system drives” or "Enforce drive encryption on fixed drives" policies to not configured. Next steps: We are working on a resolution and will provide an update in an upcoming release. Affected platforms: - Client: Windows 11, version 22H2; Windows 10, version 22H2; Windows 11, version 21H2; Windows 10, version 21H2; Windows 10 Enterprise LTSC 2019 - Server: None
"Requires Device Encryption" might incorrectly report as an error in some managed environments.
N/A
N/A
https://support.microsoft.com/en-us/topic/5034763
2024-02-13T10:00:00-08:00