Watch out for KB5034441 released to patch CVE-2024-20666



Microsoft released KB5034441 as part of Patch Tuesday. However, on Windows 10 the update is causing issues:

More here:

 

Summary

This update addresses a security vulnerability that could allow attackers to bypass BitLocker encryption by using Windows Recovery Environment (WinRE). For more information, see CVE-2024-20666.

IMPORTANT

Some computers might not have a recovery partition that is large enough to complete this update. Because of this, the update for WinRE might fail. In this case, you will receive the following error message:

  • Windows Recovery Environment servicing failed.
    (CBS_E_INSUFFICIENT_DISK_SPACE)

To help you recover from this failure, please follow the Instructions to manually resize your partition to install the WinRE update.

Known issue: Because of an issue in the error code handling routine, you might receive the following error message instead of the expected error message when there is insufficient disk space:

  • 0x80070643 - ERROR_INSTALL_FAILURE
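The failure described above is predictable before Windows Update tries: it depends on whether WinRE is enabled and how much free space its recovery partition has. The following PowerShell is an added example (not from this thread, from Veeam or from Microsoft) that parses `reagentc /info` for the WinRE location, looks up that partition and reports whether the update is likely to hit CBS_E_INSUFFICIENT_DISK_SPACE. The 250 MB threshold is an assumption taken from Microsoft's manual-resize guidance; the regex assumes English `reagentc` output. Run it in an elevated session.

```powershell
#Requires -RunAsAdministrator
# Added example: pre-flight check for the KB5034441 WinRE servicing step.
# Assumptions: English reagentc output; 250 MB free space threshold.

function Get-WinReLocation {
    # reagentc /info prints lines such as
    #   Windows RE status:   Enabled
    #   Windows RE location: \\?\GLOBALROOT\device\harddisk0\partition4\Recovery\WindowsRE
    $info = reagentc /info 2>&1 | Out-String
    $status = if ($info -match 'Windows RE status:\s+(\w+)') { $Matches[1] } else { 'Unknown' }
    if ($info -match 'harddisk(\d+)\\partition(\d+)') {
        return [pscustomobject]@{
            Status          = $status
            DiskNumber      = [int]$Matches[1]
            PartitionNumber = [int]$Matches[2]
        }
    }
    return [pscustomobject]@{ Status = $status; DiskNumber = $null; PartitionNumber = $null }
}

function Test-WinRePartitionSpace {
    param([int]$RequiredFreeMB = 250)   # assumed threshold, see lead-in
    $re = Get-WinReLocation
    if ($re.Status -ne 'Enabled' -or $null -eq $re.DiskNumber) {
        # A deleted or disabled recovery partition (the Server 2022 case mentioned
        # later in the thread) cannot be serviced at all.
        Write-Warning "WinRE status is '$($re.Status)' and no recovery partition was located; the WinRE update cannot be applied in this state."
        return $null
    }
    $part = Get-Partition -DiskNumber $re.DiskNumber -PartitionNumber $re.PartitionNumber
    # Recovery partitions have no drive letter, so read size via the volume object.
    $vol    = $part | Get-Volume
    $freeMB = [math]::Round($vol.SizeRemaining / 1MB, 1)
    $sizeMB = [math]::Round($vol.Size / 1MB, 1)
    $ok     = $freeMB -ge $RequiredFreeMB
    [pscustomobject]@{
        Disk         = $re.DiskNumber
        Partition    = $re.PartitionNumber
        Type         = $part.Type
        SizeMB       = $sizeMB
        FreeMB       = $freeMB
        LikelyResult = if ($ok) { 'OK' } else { 'CBS_E_INSUFFICIENT_DISK_SPACE (may surface as 0x80070643)' }
    }
}

Test-WinRePartitionSpace | Format-List
```

Running this across a fleet before Patch Tuesday tells you which machines need the partition resized (or WinRE re-created) first, rather than discovering it from repeated 0x80070643 entries in Windows Update.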


14 comments

Userlevel 7
Badge +17

Ugh. 😕

Userlevel 7
Badge +20

Why does MS release patches but make it more difficult lately?  😒

Userlevel 7
Badge +6

Sigh….Microsoft patching is always a crapshoot the past few years….

Userlevel 7
Badge +17

Bright side? At least it's not like the printing issue from 3-4 yrs ago 😳

Userlevel 7
Badge +20

Bright side? At least it's not like the printing issue from 3-4 yrs ago 😳

That is very true.  🤣

Userlevel 7
Badge +7

You would think Microsoft would do some testing prior to releasing patches. The patch will need a patch to patch the original issue 🙄

Userlevel 7
Badge +7

This does not impact only Windows 10. It seems to also impact Windows Server 2022.

Microsoft has released PowerShell scripts that automate the installation of the BitLocker CVE-2024-20666 security patch to the Windows 10 Windows Recovery Environment (WinRE).

Unfortunately, even after running this PowerShell script, Windows Update will continue to try to install the KB5034441 update, causing continued errors to be displayed.

If you use the PowerShell script to install the BitLocker fixes, you should hide the KB5034441 update using Microsoft's Show or Hide Tool so that Windows Update no longer offers it on your system.
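Whether Windows Update keeps retrying the update after the script has been run, and with which result, can be checked from the Windows Update Agent history; hiding the update is the same operation the Show or Hide tool performs. The following PowerShell is an added example (not from this thread, from Veeam or from Microsoft) that lists every install attempt of KB5034441 with its result and HRESULT, and provides a function that hides the update through the WUA COM API. Run it in an elevated session; the hide call is left commented out because it should only be made once the WinRE fix has actually been applied.

```powershell
#Requires -RunAsAdministrator
# Added example: inspect and optionally hide KB5034441 via the Windows Update Agent COM API.
$Kb = 'KB5034441'

function Get-KbInstallHistory {
    param([string]$Kb)
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    $count    = $searcher.GetTotalHistoryCount()
    if ($count -eq 0) { return @() }
    # OperationResultCode values: 2 = Succeeded, 3 = SucceededWithErrors, 4 = Failed, 5 = Aborted
    $resultNames = @{ 0 = 'NotStarted'; 1 = 'InProgress'; 2 = 'Succeeded'; 3 = 'SucceededWithErrors'; 4 = 'Failed'; 5 = 'Aborted' }
    $searcher.QueryHistory(0, $count) |
        Where-Object { $_.Title -like "*$Kb*" } |
        ForEach-Object {
            [pscustomobject]@{
                Date    = $_.Date
                Title   = $_.Title
                Result  = $resultNames[[int]$_.ResultCode]
                # Negative Int32 formats as two's complement, so a failure shows as 0x80070643
                HResult = ('0x{0:X8}' -f [int]$_.HResult)
            }
        }
}

function Hide-KbUpdate {
    param([string]$Kb)
    $session  = New-Object -ComObject Microsoft.Update.Session
    $searcher = $session.CreateUpdateSearcher()
    # Only updates that are offered but not yet installed can be hidden
    $pending  = $searcher.Search('IsInstalled=0 and IsHidden=0').Updates
    $hidden   = @()
    foreach ($u in $pending) {
        if ($u.Title -like "*$Kb*") {
            $u.IsHidden = $true   # same effect as the Show or Hide tool
            $hidden += $u.Title
        }
    }
    return $hidden
}

Get-KbInstallHistory -Kb $Kb | Format-Table -AutoSize
# Hide-KbUpdate -Kb $Kb   # uncomment after the WinRE fix script has been applied and verified
```

A run of repeated `Failed` entries with HResult `0x80070643` against the same title is the symptom the thread describes; once the update is hidden, no further history entries should appear for it.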

Userlevel 7
Badge +6

Even more fun, if you've straight up deleted the recovery partition on Server 2022 (because it's at the end of your disk layout now and you needed to expand the disk) you'll get an error installing that KB.

 

So now you either hide that KB or you re-create that recovery partition. Gross. 

After installing KB5034441, no Veeam Windows Agent backup was possible any more. Error: “31.01.2024 10:41:41 :: Error: Volume \\?\Volume{7d411b1d-8d8c-4c52-b2fc-5d42166fb1f8} is offline”

After uninstalling it, the problem was gone.  Thanks to M$. 

 

Userlevel 7
Badge +20

After installing KB5034441, no Veeam Windows Agent backup was possible any more. Error: “31.01.2024 10:41:41 :: Error: Volume \\?\Volume{7d411b1d-8d8c-4c52-b2fc-5d42166fb1f8} is offline”

After uninstalling it, the problem was gone.  Thanks to M$. 

 

Yes, there have been a few of these lately from MS.  Hopefully they address them with a new patch to fix things up.

Userlevel 7
Badge +11

Thx for sharing @dips.

IMHO Microsoft sees the customers as a large test-environment 🙄.

Userlevel 7
Badge +7

Thx for sharing @dips.

IMHO Microsoft sees the customers as a large test-environment 🙄.

Yep, we are all testers in some form :P 

Userlevel 7
Badge +2

It's better to test the system in our test environment first, and then perform a controlled release into the most likely attacked computers.

Also, please keep in mind that the attacker will try to test our security measures as well when they get the chance.

Userlevel 7
Badge +6

Thx for sharing @dips.

IMHO Microsoft sees the customers as a large test-environment 🙄.

Yep, we are all testers in some form :P 

Everyone has a test environment.  Not everyone is fortunate enough to have a separate production environment.
