A recent Windows 11 update — KB5062553 — appears to have introduced a critical issue affecting FIDO2 security key management.
Users report that PIN and fingerprint enrollment windows freeze or fail to open, effectively preventing the setup or management of FIDO2 keys.
Ironically, this isn’t the first time a platform update has broken WebAuthn functionality — Apple experienced a similar issue in a past iOS release, which temporarily disrupted FIDO2 usage on iPhones and iPads. That issue was resolved with a follow-up patch.
We are in direct contact with Microsoft and have provided details to help them investigate and resolve the problem.
Workarounds
1. Use an external management tool:You can use Token2 FIDO2.1 Manager, which is compatible with FIDO2.1 keys from any brand, to manage your security keys without relying on the native Windows UI.
2. Uninstall the update:
If you must regain full functionality urgently, you can uninstall the problematic update using the following command:
wusa /uninstall /kb:5062553⚠️ Important: This is a security update, so removing it may expose your system to other vulnerabilities. Proceed with caution and ensure you have other layers of protection in place.
updates
Did you know?
Token2 is offering currently the most secure FIDO2 keys for enterprise customers, known as the PIN+ Series FIDO2 keys. These keys, certified by the FIDO alliance, enforce PIN complexity at the firmware level. This unique feature is not available with other keys, even those marked as FIPS-certified.Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!