When attempting to install the Windows KB5034441 security update for BitLocker on Patch Tuesday millions of Windows 10 users are greeted by the 0x80070643 errors and the installation is failing.
After the failed installation, the PC would reboot with a failed installation message and ask users to try again.
The error stated that,
“There were some problems installing updates, but we’ll try again later. If you keep seeing this and want to search the web or contact support for information, this may help: (0x80070643).”
The update brought a BitLocker encryption bypass that allows users to access encrypted data.
So basically, Microsoft is installing a new version of the Windows Recovery Environment (WinRE) that fixes the BitLocker vulnerability.
Microsoft has also shared a solution to fix the aforementioned problem, so feel free to follow it if you’re facing the issue,
- Open the Command Prompt window (cmd) as admin.
- To check the WinRE status, runย reagentc /info. If the WinRE is installed, there should be a โWindows RE locationโ with a path to the WinRE directory. An example is, โWindows RE location: [file://%3f/GLOBALROOT/device/harddisk0/partition4/Recovery/WindowsRE]\\?\GLOBALROOT\device\harddisk0\partition4\Recovery\WindowsRE.โ Here, the number after โharddiskโ and โpartitionโ is the index of the disk and partition WinRE is on.
- To disable the WinRE, runย reagentc /disable
- Shrink the OS partition and prepare the disk for a new recovery partition.
- To shrink the OS, runย diskpart
- Runย list disk
- To select the OS disk, runย sel disk<OS disk index>ย This should be the same disk index as WinRE.
- To check the partition under the OS disk and find the OS partition, runย list part
- To select the OS partition, runย sel part<OS partition index>
- Runย shrinkย desired=250 minimum=250
- To select the WinRE partition, runย sel part<WinRE partition index>
- To delete the WinRE partition, runย delete partition override
- Create a new recovery partition.
- First, check if the disk partition style is a GUID Partition Table (GPT)ย or a Master Boot Record (MBR).ย To do that, runย list disk. Check if there isย an asterisk character (*) in the โGptโ column.ย If there is an asterisk character (*), then the drive is GPT. Otherwise, the drive is MBR.
- If your disk is GPT, runย create partition primary id=de94bba4-06d1-4d40-a16a-bfd50179d6acย followed by the commandย gpt attributes =0x8000000000000001
- If your disk is MBR, runย create partition primary id=27
- To format the partition, runย format quick fs=ntfs label=โWindows RE toolsโ
- First, check if the disk partition style is a GUID Partition Table (GPT)ย or a Master Boot Record (MBR).ย To do that, runย list disk. Check if there isย an asterisk character (*) in the โGptโ column.ย If there is an asterisk character (*), then the drive is GPT. Otherwise, the drive is MBR.
- To confirm that the WinRE partition is created, runย list vol
- To exit from diskpart, runย exit
- To re-enable WinRE, runย reagentc /enable
- To confirm where WinRE is installed, runย reagentc /info
If you carefully follow these steps the update will install flawlessly.
