Routine Windows 11 update appears to result in BitLocker Recovery Mode

Lenovo Yoga 920-13ikb
BIOS 5NCN41WW
currently with Win11, likely upgraded from Win10 in the past
From approximately 2017-2018


I am helping someone with their laptop. It was working fine with no problems. I went to Windows Update, and it had an optional update of Lenovo firmware, the UEFI update. I did that, and it said to restart. After the restart, BitLocker goes into recovery mode.

The PC owner never printed their BitLocker recovery key. They have 2 Windows users. I only went into 1 of the users, and it was a local user, not a Microsoft account user, so it appears that BitLocker recovery cannot be accessed from an MS account. I never saw the other user, so it is possible that it is an MS account with a synced BitLocker recovery key, so I asked the PC owner to log into their MS account from another device, but I followed directions from MS, and the MS account explicitly said there was no BitLocker synced device in their settings.

The PC owner likely never set up BitLocker themselves; it likely came that way from Lenovo as part of their OEM Win11. I have seen many computers with BitLocker device encryption already activated the first time you boot into Windows. If this is so, where does Lenovo originally provide the recovery key? They must provide it to the purchaser somewhere! It seems to me that in theory, if I perform a UEFI/BIOS version rollback, it will fit the BitLocker checksum, or TPM key checksum or whatever it is called.

I would also expect there is a button to push somewhere to revert the UEFI back a version. If this obvious feature is not provided by Lenovo, then my next question is: if I manually perform a UEFI rollback, does that step destroy the TPM key? If it destroys the TPM key, then it will not fix the BitLocker issue.

I have seen multiple situations on other computers where if I make a change to the EFI partition, for example, then BitLocker recovery mode happens, and if I revert the change, BitLocker recovery mode goes away. That is what I am suggesting with the UEFI rollback. I am well aware of the difference between the UEFI motherboard settings and the EFI partition on the disk, so there is no low-hanging fruit to grab there.

Lastly, of course no one will be shocked that the PC Owner has no backups of her files, and no cloud sync of her files.

What options are left? I will try anything, thank you everyone so much!
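The "checksum" the post refers to is a TPM platform measurement. The following toy model is an added example, not part of the original post: it shows a key sealed to a measured boot chain being withheld after a firmware change and released again when the identical chain is measured. The component byte strings, `ToyTpm` and `demo` are constructed for illustration; the model assumes a rollback yields byte-identical measurements and says nothing about which PCRs BitLocker uses on this laptop or whether a vendor rollback preserves TPM state.

```python
import hashlib

PCR_SIZE = 32  # size of one register in the SHA-256 PCR bank


def extend(pcr: bytes, measured: bytes) -> bytes:
    """TPM extend: new PCR = SHA256(old PCR || SHA256(measured data))."""
    return hashlib.sha256(pcr + hashlib.sha256(measured).digest()).digest()


def boot_pcr(components):
    """Replay one boot: start from all zeros, extend each component in order."""
    pcr = bytes(PCR_SIZE)
    for component in components:
        pcr = extend(pcr, component)
    return pcr


class ToyTpm:
    """Hypothetical stand-in for sealing: releases the secret only on a PCR match."""

    def __init__(self):
        self._sealed = None

    def seal(self, secret: bytes, pcr: bytes) -> None:
        self._sealed = (pcr, secret)

    def unseal(self, pcr: bytes):
        expected, secret = self._sealed
        # None models the case where the OS falls back to the recovery prompt.
        return secret if pcr == expected else None


# Constructed stand-ins for the measured boot components.
FIRMWARE_OLD = b"uefi-image-old (constructed)"
FIRMWARE_NEW = b"uefi-image-new (constructed)"
BOOTMGR = b"boot-manager (constructed)"


def demo():
    tpm = ToyTpm()
    tpm.seal(b"volume-key", boot_pcr([FIRMWARE_OLD, BOOTMGR]))
    return {
        "before_update": tpm.unseal(boot_pcr([FIRMWARE_OLD, BOOTMGR])),
        "after_update": tpm.unseal(boot_pcr([FIRMWARE_NEW, BOOTMGR])),
        "after_rollback": tpm.unseal(boot_pcr([FIRMWARE_OLD, BOOTMGR])),
    }
```

The sealed value itself is never modified in this model; only the measurement presented at boot changes, which is why reverting a change can make the recovery prompt disappear.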