Running into the 0x80070643 error when trying to install the Windows 10 security update KB5034441? You’re not alone. This security update, aimed at fixing a BitLocker encryption bypass vulnerability (CVE-2024-20666), has been causing installation headaches for users around the globe. But don't worry, there's a way to fix it.
The root cause of the error 0x80070643 is insufficient disk space in the Windows Recovery Environment (WinRE) partition. Typically, Windows 10 creates a recovery partition of about 500MB, but the new WinRE image included in the KB5034441 package requires more space, leading to the error.
Fixing Error 0x80070643
Microsoft has suggested a solution that involves manually recreating a larger WinRE partition. This might sound a bit technical, but we'll guide you through the process step by step. Remember, it's important to back up your data before proceeding, as there's always a risk of data loss when modifying disk partitions.
1. Open Command Prompt with Admin and Temporarily Disable WinRE:
- Right-click on the Start button on the Taskbar and select 'Terminal (admin)' from the menu.
- In the Terminal Command Prompt window, type
reagentc /disable
and press Enter. This step temporarily disables the Windows Recovery Environment.
2. Prepare for Partition Resizing:
- Type
diskpart
and press Enter to launch the Disk Partition tool. - Type
list disk
and press Enter to display all disks. Identify the disk where your OS is installed (usually Disk 0). - Type
sel disk X
(replace X with the number of your OS disk) and press Enter. - Type
list part
to see all partitions. Identify the partition numbers for both the OS and the WinRE partition. - Select the OS partition by typing
sel part Y
(replace Y with your OS partition number) and shrink it by typingshrink desired=250 minimum=250
and press Enter. This creates 250MB of unallocated space.
3. Delete the Old WinRE Partition:
- Select the WinRE partition by typing
sel part Z
(replace Z with the WinRE partition number). - Type
delete partition override
to remove the old WinRE partition.
4. Create a New WinRE Partition:
- Check if your disk is GPT (GUID Partition Table) or MBR (Master Boot Record) by looking for an asterisk (*) in the 'Gpt' column when you ran
list disk
. - For GPT, type
create partition primary id=de94bba4-06d1-4d40-a16a-bfd50179d6ac
followed bygpt attributes =0x8000000000000001
. - For MBR, simply type
create partition primary id=27
. - Format the new partition by typing
format quick fs=ntfs label="Windows RE tools"
.
5. Re-enable WinRE:
- Exit DiskPart by typing
exit
. - Re-enable WinRE by typing
reagentc /enable
. - Verify the installation by typing
reagentc /info
.
Once you've successfully completed these steps, restart your computer and try installing the KB5034441 update again. This should resolve the error and allow the update to be installed correctly.
If you're not comfortable performing these steps, or if they seem too complex, it’s okay to wait. Microsoft is aware of the issue and is working on a simpler, automated solution that should be available through Windows Update. Until then, your device might be at risk if left unpatched, but remember, the vulnerability requires physical access to your device, which somewhat reduces the risk.
Always ensure your data is backed up before attempting any fixes, and consider seeking professional help if you're unsure.
Member discussion