[German]Since January 2024, users of Windows 10 and Windows 11 (as well as Windows Server 2022) have been struggling with Microsoft's attempt to install an update to the WinRE environment. In January 2024, numerous users around the patchday were met with the installation error 0x80070643 when trying to install the KB5034441 update. Despite several attempts to rectify the situation in the following months, Microsoft was unable to eliminate the installation error. Now comes the admission that there is no automatic fix for the update – manual work is required.
Advertising
WinRE update fails with installation error 0x80070643
A BitLocker Security Feature Bypass vulnerability CVE-2024-20666 in Windows has been known for some time. The vulnerability allows an attacker with physical access to the system to use the BitLocker Device Encryption function to gain access to data that is actually encrypted with BitLocker. Windows 10, Windows 11 and Windows Server 2022 are potentially affected.#
To eliminate the vulnerability, Microsoft has provided an update on January 9, 2024, for which some information can be found under the support article KB5034441. The update is intended to ensure that the Windows Recovery Environment (WinRE) is updated. This update automatically applies the dynamic Safe Os update (e.g. KB5034232, KB5034236 etc.) to the Windows Recovery Environment (WinRE) on a running PC.
Microsoft's update attempt turned into a drama because numerous users ran into the installation error 0x80070643 during the update installation. I first reported on the problem in the blog post Windows WinRE update (for Bitlocker Bypassing vulnerability CVE-2024-20666) fails with installation error 0x80070643 (Jan. 2024, KB5034441) and also outlined workarounds. Microsoft only commented succinctly:
Devices attempting to install the January 2024 Windows Recovery Environment Update (KB5034441) may display an error related to the size of the Recovery Environment partition. The Windows Recovery Environment (WinRE) is used to repair or recover from problems affecting Windows. As a result of this error, the following message may be displayed.
"0x80070643 – ERROR_INSTALL_FAILURE"
Systems with Windows 11 version 21H2, Windows 10 version 21H2 – 22H2 and Windows Server 2022 are affected. In the meantime, Microsoft has also stated that this update (KB5034441) is not required for Windows systems on which no recovery environment is configured. The error could be ignored, it said, even if users on unmanaged systems may encounter the installation error again and again. Microsoft has been trying to roll out an installable update version since January 2024, but this has failed (see e.g. Microsoft is working on a fix for the installation error 0x80070643 (WinRE update KB5034441) and the articles linked at the end of the article). There is also an installation script for customizing the WinRE partition – but this was partially unsuccessful.
There will be no more fix
Affected users have already expressed the hope that "I'll wait until Microsoft provides a fix and installs the update". This hope has not been fulfilled in recent months. Now Microsoft has confirmed that the hope for an automatic solution is in vain. In the Windows Health status area for Windows, Redmond has published a special gem in the Known Issues section on April 30, 2024.
Advertising
In the article The January 2024 Windows RE update might fail to install, the case opened on January 12, 2024 has now been marked as "resolved" on April 30, 2024. Redmond writes about the "solution":
Resolution: Automatic resolution of this issue won't be available in a future Windows update. Manual steps are necessary to complete the installation of this update on devices which are experiencing this error.
There will be no automatic solution to this problem from Microsoft in the future. Anyone who has the error during the update installation must intervene manually (as I have indicated in the following posts by changing the size and position of the WinRE partition) in order to complete the installation successfully if necessary. This is now official confirmation that Microsoft is throwing in the towel. Let me put it this way: "This probably wouldn't have happened with Linux".
Similar article:
Windows WinRE update (for Bitlocker Bypassing vulnerability CVE-2024-20666) fails with installation error 0x80070643 (Jan. 2024, KB5034441)
Microsoft is working on a fix for the installation error 0x80070643 (WinRE update KB5034441)
Microsoft's PowerShell script against installation error 0x80070643 for KB5034441 (Jan. 2024)
Windows 10: Update KB5034441 fails again with error 0x80070643 in February 2024
Windows 10: Update KB5001716 is installed secretly; throws error 0x80070643
Advertising
why not use wushowhide.diagcab to hide/block the KB5034441 update?
I keep hiding this update with either wumgr or wushowhide.diagcab anytime KB5034441 shows up on windows update on all my win10 pcs.
recently from Neowin – Microsoft posts requirements for KB5034441/KB5034440 updates that cause "0x80070643" error
https://www.neowin.net/news/microsoft-posts-requirements-for-kb5034441kb5034440-updates-that-cause-0x80070643-error/
new article from Neowin – Microsoft kills unfixable KB5034440/KB5034441 updates, replaces with KB5042321/KB5042320:
https://www.neowin.net/news/microsoft-kills-unfixable-kb5034440kb5034441-updates-replaces-with-kb5042321kb5042320/