Microsoft is working to fix a known issue causing 0x80070643 errors when installing the KB5034441 security update that patches the CVE-2024-20666 BitLocker vulnerability.
While the security issue was resolved during this month's Patch Tuesday, deploying KB5034441 on systems with a Windows Recovery Environment partition that's too small will fail and mistakenly show generic '0x80070643 - ERROR INSTALL FAILURE' error messages instead of the correct CBS E INSUFFICIENT DISK SPACE error.
As a workaround, until a fix is available, the company provides customers with affected systems detailed-and quite complex-instructions on how to resize their WinRE partitions on its support website.
If creating a new WinRE partition large enough to complete this update fails, you can run reagentc /enable to re-enable the partition.
Microsoft has also released a PowerShell script that helps automate updating the WinRE partition to fix the CVE-2024-20666 flaw that allows for BitLocker encryption bypass.
The script addresses the known issue causing KB5034441 install failures on Windows 10 systems, leaving the devices vulnerable to attacks exploiting the BitLocker flaw that provides threat actors access to encrypted data.
When executed, it mounts the WinRE image, applies an architecture-specific Safe OS Dynamic Update you have to first download from the Windows Update Catalog, unmounts the image, and then reconfigures WinRE for BitLocker service if the BitLocker TPM protector is present.
After running the script, you should also use Microsoft's Show or Hide Tool to hide the KB5034441 update to prevent Windows Update from repeatedly trying to install the faulty update and displaying 0x80070643 errors.
After running the script, you may also have to use Microsoft's Show or Hide Tool to hide the KB5034441 update, so Windows Update won't try installing the buggy update and displaying an 0x80070643 error.
If you decide to resize the WinRE partition manually, it's highly recommended that you back up your data, given that there's always a chance that your system's partitions may be damaged during the process.
Microsoft shares script to update Windows 10 WinRE with BitLocker fixes.
Windows 10 KB5034441 security update fails with 0x80070643 errors.
Windows 10 KB5034122 update released with fix for shut down bug.
Microsoft fixes Windows printer issues with new troubleshooter.
Avira antivirus causes Windows computers to freeze after boot.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 15 Jan 2024 19:45:17 +0000