As part of its regular maintenance, Microsoft often releases updates aimed at fixing bugs and improving performance on Windows systems. But one recent patch, KB5058379 for Windows 10, ended up doing more harm than good. Users reported serious issues, including endless reboot loops and the dreaded Blue Screen of Death (BSOD).
After weeks of frustration among users, Microsoft has finally responded with a follow-up update: KB5061768. This new patch is designed to address the critical errors introduced by its predecessor and is now being rolled out to affected systems, specifically those running Windows 10 versions 21H2 and 22H2.
What was the origin of the problems in Windows 10?
On May 13, 2025, Microsoft released update KB5058379, aiming to fix several user-reported issues in Windows 10. But instead of improving the experience, the update introduced a wave of serious problems. Many users found themselves stuck at startup, faced with unexpected BitLocker recovery screens, or worse—confronted with the Blue Screen of Death (BSOD).
According to Microsoft, the trouble stemmed from a glitch in the update that caused a failure in the Intel TXT (Trusted Execution Technology) feature. This failure disrupted the LSASS (Local Security Authority Subsystem Service), a vital process that handles user logins and account access, both local and Microsoft-based.
When LSASS crashes, Windows can’t function properly. The system would respond with a blue screen error. In systems where BitLocker encryption wasn’t enabled, Windows could undo the update automatically. But if BitLocker was active, the update rollback failed, leaving users stuck and unable to boot properly.
Microsoft Releases Manual Fix for KB5058379 Issues via KB5061768 Patch
While Microsoft has confirmed that a permanent fix will be included in the broader June 2025 Windows update, the company has also released an interim solution: patch KB5061768, specifically designed for users affected by the problems introduced in KB5058379.
This new patch addresses the issue linked to the Intel TXT feature, which was causing critical system crashes. However, KB5061768 won’t be delivered through Windows Update. Instead, users must download and install it manually.
To do this, you’ll need to:
- Visit the Microsoft Update Catalog.
- Search for KB5061768.
- Click the Download button next to the version that matches your system.
What If Windows Won’t Boot?
If your system can’t start properly due to the update, there’s an alternative fix. You’ll need to disable Intel TXT manually via your system’s BIOS:
- Restart your PC and enter the BIOS setup (usually by pressing Del, F2, or Esc during startup).
- Navigate to the Security tab, then go to Virtualization settings.
- Locate and disable the Intel TXT option. In some systems, it may be labeled as “DMA Protection” or “Kernel DMA Support.”
- Save the changes and exit BIOS.
Disabling this setting will stop the crashes and allow your system to boot normally. Once the system is stable, you can proceed to install KB5061768 manually.
