Microsoft’s latest security patch has caused quite a few headaches in the IT community, with admins having to choose between two “evils”.
In its most recent Patch Tuesday release, the Redmond software giant included a fix for the BitLocker bypass vulnerability for Windows 10. This fix addressed the problem in which BitLocker’s encryption could easily be bypassed by simply using the Windows Recovery Environment (WinRE) to access the files.
Now, Tom’s Hardware reports that some users are experiencing an update failure error when trying to install the patch. Microsoft was made aware of the flaw and is allegedly working on a fully automated update. However, until that happens, admins can either leave their endpoints vulnerable, or go through a “potentially risky partition resizing procedure”.
Reconfiguring the system
The patch is tracked as KB5034441 and was designed for Windows 10 21H2 and 22H2.
According to Microsoft, the patch sometimes fails because the recovery partition sizes vary across different systems. Hence, if the device doesn’t have enough space on the recovery partition, the patch will fail. In that case, the system returns a message saying “Windows Recovery Environment servicing failed. (CBS_E_INSUFFICIENT_DISK_SPACE).”
If you’re really eager to get the patch installed, Microsoft says it can be done with a few changes to the system configuration. By manually resizing the partition and adding some 250MB to it, admins can make sure the patch gets installed. However, the process is lengthy and includes plenty of command line work. Furthermore, Tom’s Hardware warns, there is a possibility of things going terribly wrong during the disk partition structure adjustment. “Thus, it would be advisable to create a system disk image backup before trying to resize the WinRE partition manually,” it says.
Given the importance of the patch and the size of the problem, it’s safe to assume that Microsoft will have a new patch released sooner rather than later.