A Hyper-V user with BitLocker enabled may encounter a restart failure if the Device Guard or Credential Guard feature has not been disabled or has not been uninstalled cleanly. Specifically, upon restart, you receive following error message on a blue screen:
Your PC/Device needs to be repaired.
A required file couldn’t be accessed because your BitLocker key wasn’t loaded correctly.
Error code: 0xc0210000
You’ll need to use recovery tools. If you don’t have any installation media (like a disc or USB device), contact your PC administrator or PC/Device manufacturer.
Press Enter to try again
Press F8 for Startup Settings
To fix this issue, install Cumulative update for Windows 10 Version 1607: August 23, 2016 (KB3176934).
How to avoid getting into this situation
Keep Hyper-V disabled during the operating system upgrade.
Reset the Device Guard registry keys (delete the Device Guard registry key node) and then enabled Hyper-V in Windows 10 Version 1607.
Reset the Device Guard registry keys (delete the Device Guard registry key node) and then upgrade to Windows 10 Version 1607.
Disable BitLocker until you install update 3176934.
How to recover from this issue
Start into another operating system on the computer and then start the Command Prompt window
from the Windows Recovery Environment by selecting Troubleshoot > Advanced Options > Command Prompt
Or from a bootable Windows 10 Setup. You can follow this instruction to prepare a bootable USB drive.
Unlock the operating system drive by running:
Manage-bde-unlock-rp <recovery password> <operating system drive:>
Note The operating system drive may be a different letter than in the main operating system.
To do this, you should first recover your BitLocker key. See information about this from get your recovery password. You need to get the recovery ID first by running the following command:
Manage-bde-status <opertaing system drive:>
Suspend BitLocker by running the following command at the command prompt:
Manage-bde-protectors-disable <operating system drive:>
Restart and set below registry key from the main operating system:
DWORD EnableVirtualizationBasedSecurity set to 0
DWORD RequirePlatformSecurityFeatures set to 0
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
Learn about the terminology that Microsoft uses to describe software updates.