Security News > 2024 > January > Microsoft shares script to update Windows 10 WinRE with BitLocker fixes

Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass.
As Microsoft explains, this happens because instead of displaying a CBS E INSUFFICIENT DISK SPACE error when the WinRE partition is not large enough, Windows Update incorrectly says the generic "0x80070643 - ERROR INSTALL FAILURE" error message instead. ?This happens because the WinRE image file deployed when installing the KB5034441 security update is too large for the recovery partition.
"The sample PowerShell script was developed by the Microsoft product team to help automate the updating of WinRE images on supported Windows 10 and Windows 11 devices," Microsoft said.
When running the script on your system, it mounts the WinRE image, applies an architecture-specific Safe OS Dynamic Update you have to download from the Windows Update Catalog before running the script, unmounts the image, and then reconfigures WinRE for BitLocker service if the BitLocker TPM protector is present.
From BleepingComputer's tests, you may also have to use Microsoft's Show or Hide Tool to hide the KB5034441 update after running the script, so Windows Update won't keep trying to install the buggy update and display an error.
Windows 10 KB5034441 security update fails with 0x80070643 errors.
News URL
Related news
- Microsoft lifts Windows 11 update block for some AutoCAD users (source)
- Windows 10 KB5053606 update fixes broken SSH connections (source)
- Microsoft: Recent Windows updates make USB printers print random text (source)
- Microsoft: March Windows updates mistakenly uninstall Copilot (source)
- Microsoft fixes Windows update bug that uninstalled Copilot (source)
- Microsoft: Recent Windows updates cause Remote Desktop issues (source)
- Microsoft fixes printing issues caused by January Windows updates (source)
- Microsoft fixes Remote Desktop issues caused by Windows updates (source)
- Windows 10 KB5055518 update fixes random text when printing (source)
- Microsoft: April 2025 updates break Windows Hello on some PCs (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-09 | CVE-2024-20666 | Unspecified vulnerability in Microsoft products BitLocker Security Feature Bypass Vulnerability | 0.0 |