We are aware of a Microsoft issue that concerns the recent OS update KB5034441 for Windows Recovery Environment (WinRE). This important update addresses a security vulnerability identified as CVE-2024-20666, which could potentially allow attackers to bypass BitLocker encryption by exploiting WinRE.
Problem identified – CVE-2024-20666
Our team has observed multiple reports of installation failures for KB5034441. The primary cause of these failures is insufficient disk space in the Windows recovery partition. When this issue occurs, the installation process is likely to terminate with the error code 0x80070643. Microsoft is cognizant of this problem and has provided detailed information in their Knowledge Base (KB) article.
Recommended next steps
To effectively address this issue, Microsoft has released a set of instructions that guide users on manually resizing their partition to facilitate the successful installation of the WinRE update. It is crucial for users to follow these instructions to ensure their systems remain secure and up to date.
For detailed instructions on how to manually resize your partition for the WinRE update, please visit the Microsoft support page at KB5028997 – Instructions to Manually Resize Your Partition to Install the WinRE Update.
Microsoft has also released a PowerShell script to automate the update of the Windows Recovery Environment (WinRE) in response to CVE-2024-20666.
Two versions of the script are available for different Windows versions:
- PatchWinREScript_2004plus.ps1: Recommended for Windows 10 (version 2004 and later) and Windows 11.
- PatchWinREScript_General.ps1: Compatible with all Windows 10 and Windows 11 versions, intended for earlier Windows 10 versions (pre-2004).
We strongly encourage all users to review their system’s available disk space and consider applying this update as soon as possible to maintain system integrity and security. Our team at NinjaOne is committed to keeping you informed and supporting you throughout this process.
Should you encounter difficulties or have further inquiries, please contact our support team.