News Microsoft KB5034441 Windows 10 security patch for BitLocker bypass is leading to errors and has a complicated fix

"As the problem seems so widespread among Windows 10 users, and Microsoft knows it has goofed, we don’t think it will be too long until a full official solution is released."

Yeah, I'll believe it when I see it. I imagine affected users will be affected for at least 3-4 weeks.

What's the over/under on that?
 
It's strange that the Recovery partition size varies from install to install.

It also doesn't seem to always be in the same position: in Disk Management sometimes it's before C:, and other times after.
 
Why is this an example of that? The patch doesn't break anything if it fails, it just isn't successful in patching the intended vulnerability.
Not on my laptop, unfortunately. The security patch failed and left my laptop with near-constant error reporting: about every second the mouse icon would go busy as error reporting kicked in. Microsoft's servers must be getting filled up with error reports if my laptop is anything to go by. I had to (hopefully temporarily) disable the Microsoft Error Reporting service so I could use my laptop without the mouse icon having seizures. It seems Microsoft forgot about a scenario where the partition that needs enlarging for the BitLocker patch to install isn't right next to the main system partition. Crucial SSDs have a feature called Momentum, where a small partition is used to cache data to speed it up. This tends to be next to the main drive partition, the one where this security patch believes the reserved recovery partition should be. Extremely careless by Microsoft on this one. Initially my laptop wouldn't reboot.

CORRECTION: it wasn't the Momentum cache (which uses RAM) but 'over provisioning', which does.

What is Over Provisioning?

Over Provisioning (OP) is a feature of Storage Executive that allows you to allocate additional space on the SSD for the controller to use.
 
It's strange that the Recovery partition size varies from install to install.

It also doesn't seem to always be in the same position: in Disk Management sometimes it's before C:, and other times after.
Exactly, and not even right next to the C: drive. Crucial SSDs have a feature called 'momentum caching' where a reserved partition is used to cache read/write data (optional). This also tends to be right next to the main C: partition. Also, to say an install error causes no problems is wrong: it left my laptop's mouse icon having near seizures when the Windows Error Reporting service continually kept kicking in, and (probably related to the Crucial SSD momentum cache partition) it caused boot problems (fortunately fixed). I had to turn error reporting off, as sadly I'm no expert in understanding error logs. As it was reporting nearly every second to Microsoft's servers, I suspect they might be getting fairly overloaded by now with logs, if even only a small percentage of devices are affected.
 
Exactly, and not even right next to the C: drive. Crucial SSDs have a feature called 'momentum caching' where a reserved partition is used to cache read/write data (optional). This also tends to be right next to the main C: partition. Also, to say an install error causes no problems is wrong: it left my laptop's mouse icon having near seizures when the Windows Error Reporting service continually kept kicking in, and (probably related to the Crucial SSD momentum cache partition) it caused boot problems (fortunately fixed). I had to turn error reporting off, as sadly I'm no expert in understanding error logs. As it was reporting nearly every second to Microsoft's servers, I suspect they might be getting fairly overloaded by now with logs, if even only a small percentage of devices are affected.
I suspect an update might be coming quicker than normal, if many other laptops are doing second-by-second error reporting to Microsoft and people don't know or don't wish to turn it off.
 
Exactly, and not even right next to the C: drive. Crucial SSDs have a feature called 'momentum caching' where a reserved partition is used to cache read/write data (optional). This also tends to be right next to the main C: partition. Also, to say an install error causes no problems is wrong: it left my laptop's mouse icon having near seizures when the Windows Error Reporting service continually kept kicking in, and (probably related to the Crucial SSD momentum cache partition) it caused boot problems (fortunately fixed). I had to turn error reporting off, as sadly I'm no expert in understanding error logs. As it was reporting nearly every second to Microsoft's servers, I suspect they might be getting fairly overloaded by now with logs, if even only a small percentage of devices are affected.
Momentum cache uses your system memory (RAM) as a cache, not a separate SSD partition. So it shouldn't be a factor in the issues you're having.

That being said, I'm sorry to hear this patch is causing you issues. I was just going off what was stated in this article that didn't mention any knock-on effects from a failed patch.
 
Why is this an example of that? The patch doesn't break anything if it fails, it just isn't successful in patching the intended vulnerability.

This patch is supposed to perform an automatic WinRE partition resize to be able to install an update. Why the partition is too small, and why the security update is so big to begin with, are questions for another time but nevertheless valid questions, just like the question of why on most older Win10 installs the recovery partition isn't the last one but is instead located before the C: partition, so it cannot be resized without risking your data.

Because of crap like this, enterprise admins (who have to use BitLocker and have to install patches as soon as possible) are now left scrambling to manually fix the failure.

Imagine having a fleet of a couple of hundred laptops in remote locations. Even if you only have dozens that failed, that's still a tremendous amount of expensive work, not to mention downtime for all the workers who have it broken while the admin logs in and fixes it.

You pay for the OS license, you pay for E3 or E5 subscriptions, you pay for Azure, you pay for support, and you are still the one left holding the bag. So yes, it is quite a good example of why forced updates are bad: even if it didn't brick your fleet, it still incurs tremendous cost and effort because of their sloppy coding.
 
This patch is supposed to perform an automatic WinRE partition resize to be able to install an update. Why the partition is too small, and why the security update is so big to begin with, are questions for another time but nevertheless valid questions, just like the question of why on most older Win10 installs the recovery partition isn't the last one but is instead located before the C: partition, so it cannot be resized without risking your data.

Because of crap like this, enterprise admins (who have to use BitLocker and have to install patches as soon as possible) are now left scrambling to manually fix the failure.

Imagine having a fleet of a couple of hundred laptops in remote locations. Even if you only have dozens that failed, that's still a tremendous amount of expensive work, not to mention downtime for all the workers who have it broken while the admin logs in and fixes it.

You pay for the OS license, you pay for E3 or E5 subscriptions, you pay for Azure, you pay for support, and you are still the one left holding the bag. So yes, it is quite a good example of why forced updates are bad: even if it didn't brick your fleet, it still incurs tremendous cost and effort because of their sloppy coding.
Again, what does that have to do with it being a "forced" update? Say instead this same patch was an optional update that had to be manually selected for install. How would that change anything for the enterprise admin?

In your example, the issue is the fact that the patch doesn't work, not whether it is installed automatically or manually.
 
Momentum cache uses your system memory (RAM) as a cache, not a separate SSD partition. So it shouldn't be a factor in the issues you're having.

That being said, I'm sorry to hear this patch is causing you issues. I was just going off what was stated in this article that didn't mention any knock-on effects from a failed patch.
Hi, not when I enabled it using Crucial's software tool; it actually created a new partition in free space, right next to the main drive. I think it was the Momentum cache; either way, the Crucial SSD software created a new partition.
 
Momentum cache uses your system memory (RAM) as a cache, not a separate SSD partition. So it shouldn't be a factor in the issues you're having.

That being said, I'm sorry to hear this patch is causing you issues. I was just going off what was stated in this article that didn't mention any knock-on effects from a failed patch.
Just checked the Storage Executive tool; I am both right and wrong. You are right that the Momentum feature uses RAM, but Over Provisioning uses a new partition.

What is Over Provisioning?

Over Provisioning (OP) is a feature of Storage Executive that allows you to allocate additional space on the SSD for the controller to use.
 
Just checked the Storage Executive tool; I am both right and wrong. You are right that the Momentum feature uses RAM, but Over Provisioning uses a new partition.

What is Over Provisioning?

Over Provisioning (OP) is a feature of Storage Executive that allows you to allocate additional space on the SSD for the controller to use.
I suspect that is why my laptop suddenly developed problems, fortunately not fatal ones.
 
just like the question why on most older Win10 installs recovery partition isn't the last one but it is instead located before C: partition so it cannot be resized without risking your data.
Because Windows 10 is old enough that it was mostly installed on MBR systems, and those can't boot from partitions above some TB, so they would put all bootable partitions before the main OS partition.

Also, if you read the article and go to the MS solution article about it, you will see them using a cmd command called reagentc. Looking that up will reveal that you can just set a new RE environment for Windows on whatever partition you can easily create.
https://learn.microsoft.com/en-us/w...mmand-line-options?view=windows-11#setreimage
 
I suspect that is why my laptop suddenly developed problems, fortunately not fatal ones.
Sounds like you had RAM caching and over provisioning turned on.

From dabbling with Crucial/Micron's and Samsung's SSD tools, turning on over provisioning shrinks C: by around 10% and leaves that space unallocated (technically it isn't a partition).

The conventional wisdom seems to be that over provisioning is unnecessary (and a lot of drives already do it automatically in the hardware)
 
Because Windows 10 is old enough that it was mostly installed on MBR systems, and those can't boot from partitions above some TB, so they would put all bootable partitions before the main OS partition.
Thing is, the Recovery partition is not bootable -- it just contains the WinRE.wim image file so it can be literally anywhere on the disk.
Also, if you read the article and go to the MS solution article about it, you will see them using a cmd command called reagentc. Looking that up will reveal that you can just set a new RE environment for Windows on whatever partition you can easily create.
https://learn.microsoft.com/en-us/w...mmand-line-options?view=windows-11#setreimage
I am well aware of this; however, I just had this update fail on a Windows Server 2022 machine which had the following partition layout on a GPT disk:

Code:
| Recovery (500 MB) | EFI (100 MB) | MSR (16 MB) | Windows (475 GB) | Recovery (500 MB) |

What the heck was the Windows Server 2022 Setup thinking when it made this poor partition layout on an empty 512 GB SSD on a system with UEFI BIOS with CSM disabled?

- Yes, I can delete both Recovery partitions.
- Yes, I can shrink the Windows partition to make room for 768 MB Recovery partition at the end.
- Yes, I can create 768 MB Recovery partition manually and use reagentc to set it up.

But I can't move the EFI, MSR, or Windows partition to the beginning of the disk to avoid losing 0.5 GB of free space without third-party tools which aren't free to use. The only way to fix it properly is to reinstall, and since it's a domain controller it is simply not worth the trouble.

The finer point that might be lost on you is that Microsoft developers' incompetence has deprived me of 0.5 GB of free disk space (the first Recovery partition) and at least 30 minutes of my free time to manually fix their <Mod Edit> so that the update can install.

And this is just one personal DC I have at home. I can't even imagine the amount of work enterprise admins had to put in to fix theirs. And we are all paying our licensing and support fees, hence the outrage.
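A pre-flight check for the layout problem the last two posts describe (a WinRE partition that sits before C: and so cannot be grown in place, fixed by hand with diskpart and reagentc). This is an added example written for this thread; it is not Microsoft's tooling and not code from any poster. It assumes a GPT disk, that `reagentc /info` reports the WinRE location as a `\\?\GLOBALROOT\device\harddiskN\partitionM` path, that the Recovery partition type GUID is `de94bba4-06d1-4d40-a16a-bfd50179d6ac`, and it uses the 768 MB target the post above settled on. It only prints the diskpart/reagentc steps; it does not run them.

```powershell
# Added example for this thread (not Microsoft's code): pre-flight check for the
# WinRE partition resize that KB5034441 attempts. Run from an elevated PowerShell.
#
# Assumptions (not stated in the thread):
#  - `reagentc /info` prints a line containing \\?\GLOBALROOT\device\harddisk<N>\partition<M>
#  - the disk is GPT (the diskpart id= below is the GPT Recovery type GUID)
#  - 768 MB is the target size (the size one poster above created manually)
#Requires -RunAsAdministrator

$TargetReSizeMB = 768

function Get-WinReLocation {
    # Returns @{Disk=<int>; Partition=<int>} for the active WinRE, or $null if WinRE is disabled.
    $text = (& reagentc.exe /info 2>&1) -join "`n"
    if ($text -match 'harddisk(\d+)\\partition(\d+)') {
        return @{ Disk = [int]$Matches[1]; Partition = [int]$Matches[2] }
    }
    return $null
}

function Test-WinReLayout {
    param([hashtable]$Location = (Get-WinReLocation))
    if (-not $Location) { throw 'WinRE is disabled or reagentc gave no location; check reagentc /info by hand.' }

    $parts  = Get-Partition -DiskNumber $Location.Disk | Sort-Object Offset
    $osPart = $parts | Where-Object { $_.DriveLetter -eq $env:SystemDrive.TrimEnd(':') }
    $rePart = $parts | Where-Object { $_.PartitionNumber -eq $Location.Partition }
    if (-not $osPart -or -not $rePart) { throw 'Could not identify the OS or WinRE partition on that disk.' }

    # Recovery partitions usually have no drive letter, but the volume is still queryable.
    $reVol  = $rePart | Get-Volume -ErrorAction SilentlyContinue
    $freeMB = if ($reVol) { [math]::Round($reVol.SizeRemaining / 1MB) } else { $null }
    $sizeMB = [math]::Round($rePart.Size / 1MB)

    # The in-box fix can only grow WinRE by shrinking the OS volume into the gap
    # directly after it; a WinRE partition that sits *before* C: cannot be grown in place.
    $followsOs = $rePart.Offset -gt $osPart.Offset
    $adjacent  = $rePart.Offset -eq ($osPart.Offset + $osPart.Size)

    [pscustomobject]@{
        Disk            = $Location.Disk
        OsPartition     = $osPart.PartitionNumber
        WinRePartition  = $rePart.PartitionNumber
        WinReSizeMB     = $sizeMB
        WinReFreeMB     = $freeMB
        WinReAfterOs    = $followsOs
        GrowableInPlace = $adjacent
        BelowTargetSize = $sizeMB -lt $TargetReSizeMB
    }
}

function New-WinReRebuildScript {
    # Emits (does not run) the steps the posts above describe: park WinRE back on C:
    # with /disable, drop the old Recovery partition, carve a new one off the end of
    # the OS volume, then /enable so winre.wim is copied into the new partition.
    # Deleting a Recovery partition that sits before C: strands that space, as noted above.
    param([Parameter(Mandatory)]$Layout, [int]$SizeMB = $TargetReSizeMB)
@"
reagentc /disable
diskpart
  select disk $($Layout.Disk)
  select partition $($Layout.WinRePartition)
  delete partition override
  select partition $($Layout.OsPartition)
  shrink desired=$SizeMB minimum=$SizeMB
  create partition primary id=de94bba4-06d1-4d40-a16a-bfd50179d6ac
  format quick fs=ntfs label="Windows RE tools"
  gpt attributes=0x8000000000000001
  exit
reagentc /enable
reagentc /info
"@
}

$layout = Test-WinReLayout
$layout | Format-List
if (-not $layout.GrowableInPlace -or $layout.BelowTargetSize) {
    Write-Host "`nWinRE cannot be grown in place or is below target; review before running:" -ForegroundColor Yellow
    New-WinReRebuildScript -Layout $layout
}
```

Run it across a fleet before pushing the update and you get the answer the admins above wanted in advance: `GrowableInPlace` is false exactly for the layouts the update cannot fix itself. The printed diskpart script destroys the existing Recovery partition, so read `reagentc /info` and the layout object first, and on an MBR disk replace the `id=` GUID with the MBR recovery type before using it.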
 
Why fix it? I don't use BitLocker encryption on Windows 10, at least for my personal computer. The instructions aren't made for the average user, but for engineers or experienced/advanced computer gurus. Wait for the next update.
 