Microsoft's Latest Patch Tuesday Updates: A Closer Look
Earlier today, Microsoft rolled out its monthly Patch Tuesday updates, addressing various issues across its Windows operating systems. The updates for Windows 10 include KB5041580, KB5041578, KB5041773, and KB5041782, while Windows 11 users can expect updates KB5041585, KB5041592, and KB5041571 for versions 23H2, 22H2, and 21H2, as well as the newly released 24H2.
Retirement of Problematic Updates
In a significant move, Microsoft has quietly retired the troublesome KB5034441 and KB5034440 WinRE updates, which had been a source of frustration for users of both Windows 10 and 11. These updates were notorious for triggering the “0x80070643 – ERRORINSTALLFAILURE” error, particularly on systems lacking adequate space in their recovery partitions. As a result, users found themselves navigating the complexities of manually resizing their recovery partitions, either through Microsoft’s step-by-step guide (KB5028997) or by employing a PowerShell script.
For context, these WinRE updates were initially introduced to address a critical BitLocker Secure Boot bypass vulnerability identified as “CVE-2024-20666.” This security flaw posed a risk of allowing attackers to circumvent BitLocker encryption if they gained physical access to an unpatched machine. It’s important to note that this issue is distinct from the vulnerabilities addressed in the latest Patch Tuesday updates.
Upon recognizing the persistent “0x80070643” installation failure, Microsoft had previously assured users that a fix would be forthcoming. However, in May of this year, the company conceded that an automatic resolution would not be available through future updates, leaving manual workarounds as the only viable solution. To assist users in determining their need for the WinRE updates, Microsoft provided a comprehensive list of requirements.
Now, with the retirement of the problematic updates, Microsoft has replaced KB5034440 and KB5034441 with new support documents for KB5042321 and KB5042320, respectively. These documents include the following clarification:
August 13, 2024 Moved this content from update KB5034440/KB5034441 which has been retired.
The summary sections for the new updates have also been revised to reflect their purpose:
Summary
This update automatically applies Safe OS Dynamic Update (KB5034236 / KB5034232) to the Windows Recovery Environment (WinRE) on a running PC. The update installs improvements to Windows recovery features.
NOTE: This update requires 250 MB of free space in the recovery partition to install successfully. If you would like to ensure your device is offered this update, please follow the Instructions to manually resize your partition or use a sample script to increase the size of the WinRE recovery partition. Once your partition has sufficient disk space, click Start > Settings > Windows Update > Check for updates to have the update offered to you and then install it.
As users navigate these updates, there is a collective hope that similar issues will not resurface. For further details, the official support articles can be accessed on Microsoft’s website (KB5042321 / KB5042320).