Given that the other two vulns were silently patched, no CVE, basically screams this is a backdoor.
If this is a fed mandated backdoor, I guarantee Microsoft/Windows isn't the only one either, they are just the only/first ones to get caught. I'd be suspicious about every single commercial, closed source operating system or encryption product in the US right now.
Along with other facets of this, what are the odds a "bug" would also automatically erase evidence of itself from the bootable USB stick when it activates?
If it's replaying a filesystem transaction like others have said, I can see where it makes sense to erase the files afterwards. You don't want the same transaction replayed twice.
The basic design of the most common mode of operation for bitlocker, where the TPM hands over the deception keys to the drive when Windows boots without requiring a PIN or anything, indicates how unserious they are.