Windows 10 security update requires some major changes - experts only need apply

Windows 10 Logo on Laptop
(Image credit: Shutterstock - Wachiwit)

Microsoft’s latest security patch has caused quite a few headaches in the IT community, with admins having to choose between two “evils”.

In its most recent Patch Tuesday release, the Redmond software giant included a fix for the BitLocker bypass vulnerability for Windows 10. This fix addressed the problem in which BitLocker’s encryption could easily be bypassed by simply using the Windows Recovery Environment (WinRE) to access the files.

Now, Tom’s Hardware reports that some users are experiencing an update failure error when trying to install the patch. Microsoft was made aware of the flaw and is allegedly working on a fully automated update. However, until that happens, admins can either leave their endpoints vulnerable, or go through a “potentially risky partition resizing procedure”.

Reader Offer: Save up to 68% on Aura identity theft protection

Reader Offer: Save up to 68% on Aura identity theft protection
TechRadar editors praise Aura's upfront pricing and simplicity. Aura also includes a password manager, VPN, and antivirus to make its security solution an even more compelling deal. Save up to 50% today. 

 Preferred partner (What does this mean?) 

Reconfiguring the system

The patch is tracked as KB5034441 and was designed for Windows 10 21H2 and 22H2.

According to Microsoft, the patch sometimes fails because the recovery partition sizes vary across different systems. Hence, if the device doesn’t have enough space on the recovery partition, the patch will fail. In that case, the system returns a message saying “Windows Recovery Environment servicing failed. (CBS_E_INSUFFICIENT_DISK_SPACE).”

If you’re really eager to get the patch installed, Microsoft says it can be done with a few changes to the system configuration. By manually resizing the partition and adding some 250MB to it, admins can make sure the patch gets installed. However, the process is lengthy and includes plenty of command line work. Furthermore, Tom’s Hardware warns, there is a possibility of things going terribly wrong during the disk partition structure adjustment. “Thus, it would be advisable to create a system disk image backup before trying to resize the WinRE partition manually,” it says.

Given the importance of the patch and the size of the problem, it’s safe to assume that Microsoft will have a new patch released sooner rather than later.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.