Category
preventOrFixIssue
Severity
normal
Major change
False
Last modified
2025-05-19 17:02:00
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
—
Action by (AI)
—
Services
Windows
Tags
Admin impact
Master tags
Security
Roadmap IDs
One-line summary
An out-of-band update (KB5061768) fixes lsass.exe crashes on Windows 10 devices with Intel vPro processors after the May 13, 2025 security update; apply if affected.
Similar updates
More like thisMC1091305 (Updated) The June 2025 Windows security update is now available
(Updated) The June 2025 Windows security update is now available June 2025 security updates for Windows 10, 11, and Server are now available; install promptly. Some Windows 11 24H2 devices need OOB update KB5063060 due to a compatibility issue. Note updated on June 11, 2025 (10:00 PT) The June 2025 security update is now available for all.
MC1138193 Take Action: Out-of-band update to address an issue affecting reset and recovery operations
Take Action: Out-of-band update to address an issue affecting reset and recovery operations A Windows reset/recovery issue after the August 2025 security update is fixed by an out-of-band update released August 19, 2025; install this OOB update if affected. Microsoft has identified an issue where some attempts to reset or recover Windows devices.
MC1199746 Take Action: Out-of-band update to address MSMQ service issues leading to queue operations and resource-related errors
Take Action: Out-of-band update to address MSMQ service issues leading to queue operations and resource-related errors Microsoft has identified an issue affecting Message Queuing (MSMQ) functionality in some enterprise environments after installing the December 2025 Windows security update (released December 9, 2025). ...25 Windows security.
MC1081492 (Updated) Take Action: Out-of-band update to address issue on devices running Hyper-V on some versions of Windows
(Updated) Take Action: Out-of-band update to address issue on devices running Hyper-V on some versions of Windows OOB updates released to fix confidential Hyper-V VM issues causing unexpected restarts; affected admins should apply the update from the Microsoft Update Catalog. To address this issue, out-of-band (OOB) updates have been.
MC1086085 Take action: Out-of-band update to address install error 0xc0000098 in ACPI.sys while installing KB5058405
Take action: Out-of-band updat... Microsoft has identified an issue where the May 2025 Windows security update ( KB5058405 ) might fail to install on some Windows 11, versions 22H2 and 23H2 devices, resulting in a recovery error (0xc0000098) related to the ACPI.sys file. This issue primarily affects virtual environments, including Azure Virtual.
MC1178653 Take Action: Out-of-band update to address a vulnerability in Windows Server Update Services (WSUS)
Take Action: Out-of-band update to address a vulnerability in Windows Server Update Services (WSUS) A critical RCE vulnerability in WSUS reporting web service is fixed by an out-of-band Windows Server update released on 2025-10-23; immediate installation is recommended. Microsoft has identified a remote code execution (RCE) vulnerability in the.
Details
Body (from Message Center)
Microsoft has identified a known issue affecting a small number of Windows 10 devices with Intel Trusted Execution Technology (TXT) enabled on 10th generation or later Intel vPro processors. After installing the May 13, 2025, Windows security update (KB5058379), these systems might experience unexpected termination of lsass.exe, which triggers Automatic Repair. On devices with BitLocker enabled, this results in a prompt for the BitLocker recovery key to proceed.
To address this issue, an out-of-band (OOB) update has been released today, May 19, 2025 (KB5061768). This update is available exclusively via the Microsoft Update Catalog and is cumulative—no previous updates are required before installing it. It supersedes all prior updates. The OOB update is available only for the Windows versions affected by issue: Windows 10, version 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 IoT Enterprise LTSC 2021.
Important: Consumer devices running Home and Pro editions of Windows 10 are unlikely to be affected, as they typically do not use Intel vPro processors.
If you have not yet deployed the May 2025 Windows security update (KB5058379) and your IT environment includes devices with the affected processors, we recommend applying this OOB update instead: May 19, 2025—KB5061768 (OS Builds 19044.5856 and 19045.5856) Out-of-band. If your organization is not affected by this issue, you do not need to install this OOB update.
Raw JSON (for debugging)
Expand/collapse the full payload below.
Show/hide raw
{
"snapshot_item": {
"action_required_by": null,
"ai_action_required_by": null,
"ai_actions": [
"Apply KB5061768 OOB update if using affected Intel vPro devices",
"Avoid deploying KB5058379 until OOB update is installed"
],
"ai_master_tags": [
"Security"
],
"ai_model": "gpt-4.1",
"ai_summary": "An out-of-band update (KB5061768) fixes lsass.exe crashes on Windows 10 devices with Intel vPro processors after the May 13, 2025 security update; apply if affected.",
"ai_topics": [
"Windows"
],
"category": "preventOrFixIssue",
"details_map": {},
"id": "MC1077563",
"importance": 0,
"is_major_change": false,
"last_modified": "2025-05-19T17:02:00Z",
"ms_products": [
"Windows"
],
"platforms": null,
"roadmap_ids": [],
"services": [
"Windows"
],
"severity": "normal",
"tags": [
"Admin impact"
],
"title": "Take Action: Out-of-band update to address BitLocker recovery prompt issue on Windows 10"
}
}