Home > Bitlocker Tips

Updating BIOS with BitLocker Enabled, Applicable?

Published/Updated on Tuesday, December 24, 2024

M3 Software author Yuri Zhang

Written by

Yuri Zhang

English

Summary: This article explains the relationship between BitLocker and BIOS updates and offers practical solutions for updating the BIOS without encountering issues. iBoysoft DiskGeeker offers BitLocker needing no thinking of BIOS.

Main interface of iBoysoft DiskGeeker for Windows

 Download

iBoysoft DiskGeeker for Windows

Rating:4.8

     

The BIOS (Basic Input/Output System) is a vital component of your computer that sits between the hardware and the operating system. It's a firmware that initializes and tests your hardware components, such as the processor, memory, and storage devices, when you power on your computer. 

Think of it as the first software that runs on your computer, essentially "waking up" the machine and setting it up to load the operating system (like Windows or Linux). However, when BitLocker, the full-disk encryption tool in Windows, is enabled, updating the BIOS can lead to complications. Let's dive into the best practices to update BIOS with BitLocker.

 Note: In more recent systems, the traditional BIOS has been largely replaced by UEFI (Unified Extensible Firmware Interface). While UEFI is an evolution of BIOS, it offers more advanced features like faster boot times and support for larger hard drives. Updating the BIOS is a critical maintenance task that can enhance performance, resolve hardware issues, or add new features. 

The risk of BIOS updates with BitLocker enabled

BitLocker encrypts your system drive to protect your data. It relies on TPM, Secure Boot, and other system settings to secure the boot process. Any changes to the BIOS (such as updating the firmware, modifying TPM settings, or altering Secure Boot configurations) can potentially make BitLocker believe that the system's integrity has been compromised.

If BitLocker detects changes that could affect the boot process, it will lock the system and ask for the BitLocker recovery key to verify the authenticity of the boot configuration. If you cannot provide the recovery key, the system will remain inaccessible. This is especially concerning when updating the BIOS, which might trigger a BitLocker recovery prompt.

BIOS updates often modify or reset certain settings, such as TPM, which is crucial for BitLocker's operation. A TPM reset, for instance, can lead to the encryption keys being unavailable, causing BitLocker to enter recovery mode.

 Note: What happens if BitLocker is left enabled during BIOS update? You might encounter the following issues: BitLocker will prompt you for recovery key. Some BIOS updates reset the TPM, making the encryption keys inaccessible and forcing BitLocker into recovery mode. Changes to boot settings could prevent the system from booting properly.

Precautions before BIOS update

  • Before performing any BIOS update, it's essential to back up your BitLocker recovery key in case you need it. The recovery key can be saved to your Microsoft account, a USB drive, or printed out.
  • BIOS updates should be applied carefully. Interruptions during the update process (such as power loss or manual reset) can cause system instability or BIOS corruption. So keep in mind to avoid interruptions during the BIOS update.

Share this and let others know that we need to disable BitLocker when updating BIOS.

 

How to safely update BIOS with BitLocker enabled

To minimize the risk of triggering BitLocker recovery mode, it's important to suspend or disable BitLocker before proceeding with a BIOS update. Here are the two main methods for safely updating the BIOS:

Option 1: Suspend BitLocker temporarily

Suspending BitLocker is the most straightforward approach. This method does not decrypt your drive but temporarily disables BitLocker's protection, ensuring it doesn't interfere with the BIOS update process.

  1. Open Control Panel > System and Security > BitLocker Drive Encryption.
  2. Find your system drive (usually C:) and click Suspend Protection.
  3. To check current BIOS version, press Win + R, type msinfo32, and note your BIOS version.
  4. Go to your computer/motherboard manufacturer's website such as Dell or ASUS.
  5. Search for your model and download the latest BIOS update file.
  6. Run the file and confirm the update and let it run. Do not interrupt the process.
  7. Once the update is complete, the system will restart.
  8. Once in Windows, press Win + R, type msinfo32, and confirm the BIOS version has updated.
  9. After the BIOS update is complete, go back to BitLocker Drive Encryption in the Control Panel and click Resume Protection to re-enable BitLocker.

This method is quick and effective, as it prevents BitLocker from prompting for the recovery key but does not require decrypting the entire drive.

Option 2: Decrypt the drive/turn off BitLocker

If you're particularly cautious or if suspending BitLocker isn't an option, you can fully decrypt the drive by turning off BitLocker. This method takes longer but guarantees that no BitLocker-related issues will occur during the BIOS update.

  1. Open Control Panel > System and Security > BitLocker Drive Encryption.
  2. Click Turn off BitLocker for your system drive.
  3. The decryption process will begin, which could take a while depending on the size of the drive.
  4. Once the drive is decrypted, you can safely proceed with the BIOS update as mentioned above.
  5. After the BIOS update, go back to BitLocker Drive Encryption in the Control Panel and click Turn BitLocker on. Windows will begin re-encrypting the drive.

Turn off BitLocker

This method is more thorough but less convenient, as it involves waiting for the decryption and re-encryption processes to complete.

Share this article to help those who want to update BIOS.

 

Free bonus: iBoysoft DiskGeeker for Windows

To spare your worries about BIOS or other miscellaneous settings, iBoysoft DiskGeeker provides a much more succinct and less complicated interface. It even offers BitLocker for Windows devices unsupportive of BitLocker. Here's how to use it:

Step 1: Download and launch the iBoysoft DiskGeeker for Windows.

 Download

iBoysoft DiskGeeker for Windows

Rating:4.8

     

Step 2: Click the "Click to encrypt" button next to the partition from the BitLocker module.

Click to encrypt

Step 3: Enter a password, re-enter it, and click "Next" to proceed.

Enter BitLocker password

Remember to backup and keep well of your recovery key, because if you lose the password and the recovery key, you cannot open the BitLocker-encrypted partition afterward.

Step 4: Click "Start encrypting" to confirm your encryption action.

Start encrypting  
 

Conclusion

Updating the BIOS on a system with BitLocker enabled requires some extra caution. The relationship between BitLocker and BIOS updates revolves around BitLocker's reliance on system configuration (like TPM and Secure Boot) to ensure data security. Without proper precautions, BIOS updates can trigger BitLocker recovery mode, causing potential access issues.

Therefore, to safely update the BIOS, suspend BitLocker before the update to avoid triggering recovery mode. If necessary, turn off BitLocker entirely by decrypting the drive before updating the BIOS. By following these steps and ensuring you have a backup of your recovery key, you can perform BIOS updates without encountering problems related to BitLocker encryption. iBoysoft DiskGeeker is always a go-to choice.

Spread these insights and practice them!

 

M3 Software author Yuri Zhang
Yuri Zhang

Yuri, a chief writer at M3 Software, has excelled at computer-related expertise in Windows, BitLocker, macOS, data security, disk management, and other cyber-knowledge. She is overwhelmed with joy by outputting specialized content, and she will keep going in the career of a pro-editor and help computer users to the greatest extent.

About | Refund Policy | Privacy Policy | Uninstall | Contact Us
Copyright© 2024 M3 Software. All Rights Reserved.