Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024
  • Software News

    Microsoft issues KB5034440, KB5034441 Windows updates for BitLocker Secure Boot flaw

    Karlston

    By Karlston,
    Published Date:

    • 2 comments
    • 998 views
    • 2 minutes
     Share
    • 2 comments
    • 998 views
    • 2 minutes

    Microsoft released the first Windows 10 and 11 Patch Tuesday updates of 2024 earlier yesterday with the January updates KB5034122 and KB5034123 respectively. The updates are meant to address security issues within Windows. The one for 11 also fixes the recent Wi-Fi troubles that led to networks not connecting or the Wi-Fi icon not showing.

     

    In a separate article, the company has also detailed another security fix for a BitLocker Secure Boot bypass vulnerability that is being tracked under ID "CVE-2024-20666". Microsoft says that the security flaw could allow attackers to bypass BitLocker encryption if they are able to get physical access to an unpatched PC.

     

    The issue has been addressed by KB5034441 (on Windows 10) and KB5034440 (on Windows 11) which is a WinRE (Windows Recovery Environment) update. Microsoft in its bulletins explains:

     

    KB5034440: Windows Recovery Environment update for Windows 11, version 21H2: January 9, 2024

     

    Summary

     

    This update addresses a security vulnerability that could allow attackers to bypass BitLocker encryption by using Windows Recovery Environment (WinRE).

     

    ...

     

    KB5034441: Windows Recovery Environment update for Windows 10, version 21H2 and 22H2: January 9, 2024

     

    Summary

     

    This update addresses a security vulnerability that could allow attackers to bypass BitLocker encryption by using Windows Recovery Environment (WinRE).

    You cannot manually download this update from the Microsoft Update Catalog website as it will automatically be downloaded whilst you are connected to the internet alongside the Patch Tuesday update. The patch is being rolled out to both Windows 10 versions, 22H2 and 21H2.

     

    Alongside this, Microsoft has also cautioned about inadequate space on the recovery partition which can lead to a "0x80070643 - ERROR_INSTALL_FAILURE" error message. It writes:

     

    Some computers might not have a recovery partition that is large enough to complete this update. Because of this, the update for WinRE might fail. In this case, you will receive the following error message:

     

    Windows Recovery Environment servicing failed.
    (CBS_E_INSUFFICIENT_DISK_SPACE)

     

    Known issue Because of an issue in the error code handling routine, you might receive the following error message instead of the expected error message when there is insufficient disk space:

     

    0x80070643 - ERROR_INSTALL_FAILURE

    You can fix this issue by allocating an additional 250 MB of storage space to the recovery partition. Details on how to do that can be found in this dedicated article.

     

    Source

    • DLord and kkwong7878
    • Like 2
     Share
    Go to news

    User Feedback

    Recommended Comments

    DLord

    DLord 599

    Posted (edited)

    Took me 2 hours (yeah right!) to fix the mentioned update problem yesterday as my computer did not have the recovery partition to begin with.

    It would be great if the dumb person in charge of compiling this update would bother considering cases like this; forcing an update for a future that a PC does not have!!!

    Edited by DLord
    • Tux 528 and Miroglu
    • Like 2
    Link to comment
    Share on other sites
    DLord

    Well friends FYI, so I thought I fixed the problem! (shrinking the OS partition, creating a large enough Recovery partition, extracting the Winre image and installing it to the mentioned partition, making it active and finally installing the damn KB5034441 and the rest of the January 2024 patch-batch) and done!  But hell NO!

    The entire OS is a mess.  M$ Store is gone from Apps and Features, meaning that I am unable to repair/reset/uninstall M$ Store; all M$ Store apps are nonfunctional, WSL crashes, default apps' settings are gone, unsupported CPU futures such as VBS, SLAT/PE, etc. (at least for my good old CPU) are supposedly patched and enabled, and then some!

    Long story short, after 4 long days I'm still trying to get everything back to where it was, with partial outcome so far.  Many thanks to the incompetent as*holes at M$, who are brain-dead at best.  Way to go motherf*ckers!!!

     

     

    Link to comment
    Share on other sites


    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...