From 45f6df76a66215daeab29f083ad7718ff8919c98 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Thu, 11 Mar 2021 11:53:30 -0800 Subject: [PATCH] Update windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com> --- .../information-protection/bitlocker/bitlocker-upgrading-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md index d52e930a69..b96edcaede 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md @@ -37,7 +37,7 @@ Yes. No user action is required for BitLocker in order to apply updates from Microsoft, including [Windows quality updates and feature updates](https://technet.microsoft.com/itpro/windows/manage/waas-quick-start). Users need to suspend BitLocker for Non-Microsoft software updates, such as: -- Some TPM firmware updates if these update clears TPM outside of Windows API. Not every TPM firmware update will clear the TPM and this happens if known vulnerability has been discovered in the TPM firmware. User doesn’t have suspend BitLocker if TPM firmware update uses Windows API to clear TPM because in this case BitLocker will be automatically suspended. We recommend users testing their TPM firmware updates if they don’t want to suspend BitLocker protection. +- Some TPM firmware updates if these updates clear the TPM outside of the Windows API. Not every TPM firmware update will clear the TPM and this happens if a known vulnerability has been discovered in the TPM firmware. Users don’t have to suspend BitLocker if the TPM firmware update uses Windows API to clear the TPM because in this case, BitLocker will be automatically suspended. We recommend users testing their TPM firmware updates if they don’t want to suspend BitLocker protection. - Non-Microsoft application updates that modify UEFI\BIOS configuration - Manual or 3rd party updates to secure boot databases (only If BitLocker uses Secure Boot for Integrity validation) - Updates to UEFI\BIOS firmware, installation of additional UEFI drivers or UEFI applications without using Windows Update mechanism (only If BitLocker does not use Secure Boot for Integrity validation and you update)