Article Details

April's Patch Tuesday leaves unlucky Windows Hello users unable to login. Can't Redmond ask its whizz-bang Copilot AI to fix it?. Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello. The patch bundle released yesterday is going to cause problems for a specific subset of users who are running either System Guard Secure Launch or Dynamic Root of Trust for Measurement (DRTM) on Windows 11 and Server 2025. If that's you, it's possible you'll need to reset your login PIN or biometrics in Hello in order to actually login and use your computer. "We're aware of an edge case of Windows Hello issue affecting devices with specific security features enabled," Microsoft said in an advisory. GitHub's boast that Copilot produces high-quality code challenged "After installing this update and performing a Push button reset or Reset this PC from Settings > System > Recovery and selecting Keep my Files and Local install, some users might be unable to login to their Windows services using Windows Hello facial recognition or PIN. Users might observe a Windows Hello message saying 'Something happened and your PIN isn't available. Click to set up your PIN again' or 'Sorry something went wrong with face setup.'" Those who haven't been keeping up to date on their patching might be OK. The dodgy security patch causing the issues is KB5055523, dated April 8, which fixes up various Windows 11 and Server 2025 vulnerabilities including the privilege-elevating CVE-2025-29824, which is being exploited in the wild by ransomware. That KB includes KB5053656, which was made available on March 27. There are a few other bugs in that release, such as issues with Citrix and Roblox that we've already reported on. Lest you think it's all bad news, the March KB release does have some improvements, we're told. There are various bug fixes for Dolby Vision capable displays, apps that crash on the graphics settings page, corrupted virtual NIC names, missing Local Administrator Password Solution (LAPS) configurations, Active Directory credential roaming, and other bits and pieces. There are Copilot+ additions. "Whether it’s searching in File Explorer, in the Windows Search on your taskbar, or in Settings – just type what’s on your mind to find it on your Copilot+ PC," says Microsoft. "You no longer need to remember file names, exact words in file content, or settings names. "You can use your own words in the search box at the upper-right corner of File Explorer, like 'summer picnics.' In addition to photos stored locally on your Copilot+ PC, photos from the cloud will now show up in the search results together." Meanwhile, Windows 10 users are still waiting for a patch for the aforementioned CVE-2025-29824. The vulnerability is under active exploitation by the Storm-2460 criminal gang, who have used it against victims in the US, Spain, Venezuela, and Saudi Arabia. So far only Windows 11 and Server 2025 are protected. Redmond has promised a patch for everyone else and told The Register it would "be available soon."