Microsoft has alerted customers about a known issue that is causing incorrect BitLocker drive encryption errors to appear in certain managed Windows environments. However, the company emphasized that this problem is purely a reporting issue and does not affect the actual encryption of drives or the reporting of other device problems.

The issue specifically impacts client platforms such as Windows 11 21H2/22H2, Windows 10 21H2/22H2, and Windows 10 Enterprise LTSC 2019. It only affects environments where drive encryption is enforced for the operating system and fixed drives. Microsoft stated that its cloud-based unified endpoint management service, Intune, is one of the affected MDM platforms, although it has not disclosed the names of other apps experiencing similar BitLocker errors.

The problem arises when using the FixedDrivesEncryptionType or SystemDrivesEncryptionType policy settings in mobile device management (MDM) apps, which can incorrectly display a 65000 error in the “Require Device Encryption” setting for certain devices. To address this issue, administrators can enable the “not configured” setting for the relevant policies in Microsoft Intune.

Microsoft is actively working to resolve this known issue and plans to provide further details in an upcoming update. It is worth noting that earlier this year, the company fixed other known issues, such as WSUS servers failing to push Windows 11 updates and video recording failures in apps using the WVC1 codec on Windows 10 and Windows 11 systems.

Sources:

– Microsoft Windows Health dashboard.