Security News > 2024 > January > Microsoft shares script to update Windows 10 WinRE with BitLocker fixes
Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass.
As Microsoft explains, this happens because instead of displaying a CBS E INSUFFICIENT DISK SPACE error when the WinRE partition is not large enough, Windows Update incorrectly says the generic "0x80070643 - ERROR INSTALL FAILURE" error message instead. ?This happens because the WinRE image file deployed when installing the KB5034441 security update is too large for the recovery partition.
"The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on supported Windows 10 and Windows 11 devices," Microsoft said.
When running the script on your system, it mounts the WinRE image, applies an architecture-specific Safe OS Dynamic Update you have to download from the Windows Update Catalog before running the script, unmounts the image, and then reconfigures WinRE for BitLocker service if the BitLocker TPM protector is present.
From BleepingComputer's tests, you may also have to use Microsoft's Show or Hide Tool to hide the KB5034441 update after running the script, so Windows Update won't keep trying to install the buggy update and display an error.
Windows 10 KB5034441 security update fails with 0x80070643 errors.
News URL
Related news
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Microsoft says recent Windows 11 updates break SSH connections (source)
- Windows 10 KB5046613 update released with fixes for printer bugs (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Windows 10 KB5046714 update fixes bug preventing app uninstalls (source)
- Windows 10 KB5048652 update fixes new motherboard activation bug (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Windows 11 Task Manager says no apps are active after preview update (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-09 | CVE-2024-20666 | Unspecified vulnerability in Microsoft products BitLocker Security Feature Bypass Vulnerability | 0.0 |