CVE-2024-20666 Vulnerability Creates Patch Failures for WinRE OS Update


We are aware of a Microsoft issue that concerns the recent OS update KB5034441 for Windows Recovery Environment (WinRE). This important update addresses a security vulnerability identified as CVE-2024-20666, which could potentially allow attackers to bypass BitLocker encryption by exploiting WinRE.

Problem identified – CVE-2024-20666

Our team has observed multiple reports of installation failures for KB5034441. The primary cause of these failures is insufficient disk space in the Windows recovery partition. When this happens, the installation is likely to terminate with error code 0x80070643. Microsoft is aware of the problem and has provided detailed information in its Knowledge Base (KB) article.
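The following PowerShell pre-check is an added example, not a NinjaOne or Microsoft script: it reports whether WinRE is enabled and how much free space the partition holding it has, so hosts likely to fail with 0x80070643 can be identified before the update is deployed. The function name and the 250 MB default threshold are assumptions; confirm the required free space in Microsoft's KB article.

```powershell
# Added example: pre-check a host before deploying KB5034441 (run elevated).
param(
    # Assumption: free-space threshold in MB; confirm against Microsoft's KB article.
    [int]$RequiredFreeMB = 250
)

# Hypothetical helper name; uses only reagentc.exe and the built-in Storage cmdlets.
function Get-WinREPartitionReport {
    param([int]$RequiredFreeMB)

    $info = reagentc.exe /info 2>&1 | Out-String
    # The status text assumes English-locale output; the device path does not.
    $enabled = $info -match 'Windows RE status:\s+Enabled'
    $loc = [regex]::Match($info, 'harddisk(\d+)\\partition(\d+)', 'IgnoreCase')

    $report = [ordered]@{
        ComputerName    = $env:COMPUTERNAME
        WinREEnabled    = $enabled
        Disk            = $null
        Partition       = $null
        PartitionType   = $null
        PartitionSizeMB = $null
        FreeMB          = $null
        Verdict         = 'WinRE location not found (disabled or not configured)'
    }

    if ($loc.Success) {
        $disk = [int]$loc.Groups[1].Value
        $num  = [int]$loc.Groups[2].Value
        $part = Get-Partition -DiskNumber $disk -PartitionNumber $num -ErrorAction Stop
        $vol  = $part | Get-Volume

        $report.Disk            = $disk
        $report.Partition       = $num
        $report.PartitionType   = $part.Type   # 'Recovery' for a dedicated WinRE partition
        $report.PartitionSizeMB = [math]::Round($part.Size / 1MB)
        $report.FreeMB          = [math]::Round($vol.SizeRemaining / 1MB)
        $report.Verdict = if ($report.FreeMB -lt $RequiredFreeMB) {
            'Insufficient free space: expect 0x80070643; resize before patching'
        } else {
            'Free space meets threshold'
        }
    }
    [pscustomobject]$report
}

Get-WinREPartitionReport -RequiredFreeMB $RequiredFreeMB
```

A `PartitionType` other than `Recovery` means WinRE is not on a dedicated recovery partition, in which case the free-space figure describes that other volume.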

Recommended next steps

To effectively address this issue, Microsoft has released a set of instructions that guide users on manually resizing their partition to facilitate the successful installation of the WinRE update. It is crucial for users to follow these instructions to ensure their systems remain secure and up to date.

For detailed instructions on how to manually resize your partition for the WinRE update, please visit the Microsoft support page at KB5028997 – Instructions to Manually Resize Your Partition to Install the WinRE Update.

Microsoft has also released a PowerShell script to automate the update of the Windows Recovery Environment (WinRE) in response to CVE-2024-20666.

Two versions of the script are available for different Windows versions:

  1. PatchWinREScript_2004plus.ps1: Recommended for Windows 10 (version 2004 and later) and Windows 11.
  2. PatchWinREScript_General.ps1: Compatible with all Windows 10 and Windows 11 versions; intended for earlier Windows 10 versions (pre-2004).

NinjaOne support

We strongly encourage all users to review their system’s available disk space and consider applying this update as soon as possible to maintain system integrity and security. Our team at NinjaOne is committed to keeping you informed and supporting you throughout this process.

Should you encounter difficulties or have further inquiries, please contact our support team.

Next Steps

Patching is the single most critical aspect of a device hardening strategy. According to Ponemon, almost 60% of breaches could be avoided through effective patching. NinjaOne makes it fast and easy to patch all your Windows, Mac, and Linux devices whether remote or on-site.

Learn more about NinjaOne Patch Management, schedule a live tour, or start your free trial of the NinjaOne platform.
