Solved Windows Recovery partition resizing

Hello!

So like many others I have been waiting for months now for Microsoft to fix the issues with automatically updating the WinRE image on the Recovery partition during Windows cumulative updates, so that updates like the fix for the BitLocker bypass through WinRE vulnerability CVE-2024-20666 can be installed. Recently I heard that this fix might not actually ever happen, since MS announced it won't fix this problem on Windows 10 that caused issues with KB5034441 for those users with Recovery partitions too small, or rather, not having enough free space. (It is fairly silly, though, that the Windows installer would create Recovery partitions that are too small, without even asking the user, which is what happened to me too...) On one system, for example, my Recovery partition is 1000 MB, but only has about 80 MB space left, which is not enough of course. (Something I did not know: the classic Disc Management tool does not correctly show free/used space on any other partition except the normal OS and data partitions, special partitions like the Recovery partition always say 100 % free space, even if that is not correct. But, if you go to Windows Settings, System, Storage, Discs and Volumes, you can see all the partitions there also and if you click on Properties on any partition, it will show you the real free space left, very handy.)

I have checked that the monthly Windows updates are not updating my WinRE: when I install the monthly patch, I get a "Windows Recovery Environment servicing failed." Critical event in the Event log, and if I do the Dism /Get-ImageInfo on the winre.wim file on the Recovery partition, its date and version numbers are old, not updated recently even if the patch notes say the patch should update the WinRE.

I have decided I don't really want to wait any longer for MS to fix this issue, even though all the instructions to do it manually seem pretty daunting to me. But I use BitLocker and the Win Home version Device encryption, and don't like the idea of such a bypass being there for some thief to get at my files freely without even any real expertise.

I have read quite a bit on how to do the manual Recovery partition resize, for example: KB5028997: Instructions to manually resize your partition to install the WinRE update - Microsoft Support
The procedure is complicated, but I think I understand it and can follow the steps carefully. However, I ran into two questions that I hope someone knows the answer to.


1) Can I do the manual shrinking of the system partition described in the above article from MS while my BitLocker is still enabled? I assume I can safely do so, since MS did not warn to suspend or disable BitLocker before shrinking the os partition, but... wouldn't be the first time someone makes a mistake writing an article. Has anyone here done the resize while BitLocker is enabled normally? Yes, I do have backups and BitLocker recovery keys safely stored, but I would prefer not to have to go through any extra hassle, time is not free.


2) One of my PCs is an Asus Tuf laptop, and I was surprised to learn that it has 2 Recovery partitions out of the box. I did not do that, it came from the store, new, like that. There is one 1000 MB Recovery partition that has the WinRE image, I checked with the reagentc /info command. But there is also a second partition of only 260 MB, and it looks like that has some Asus stuff as it is shown as "MYASUS" in the Windows Settings under Storage and so on. I believe I should not mess with that smaller MYASUS partition, but, I wonder if it will interfere with the manual resizing of the MS Recovery partition? Because, according to Disc Management, the first partition on the system (first on the left in Disc Management) is the usual UEFI one, then it is followed by the BitLocker-protected OS partition, which is then followed by the 1000 MB Recovery partition where the winre.wim is located, and after that one there is the smaller MYASUS Recovery partition. So, the actual Recovery partition is sandwiched between the OS partition and the MYASUS one, is that a problem if I try to follow the above MS instructions for manually resizing the Recovery partition?


I have been using computers for a long time and this whole thing is making me feel like such a novice... and all this at the same time as the complicated fixes for the Secure Boot Black Lotus vulnerability thing, or the LogoFail UEFI vulnerabilities, makes me feel very old...

Thank you for the help and I hope you all have had a good spring! :)

That ASUS recovery partition is a cop-out for support staff to suggest using when they can't fix an issue. It will restore the computer to the as-bought condition. This is useless for most of us as it will not be up-to-date with all the Windows updates, and you will have to reinstall all your software. You also lose all your personal files. For that reason, I always delete any OEM recovery partitions. I did resize my Windows Recovery partition but it took quite an effort and I had some trouble with booting - I think I had to rebuild the MBR and BCD!

I had deleted it to save space and then changed my mind and thought it might be useful. You can live without it if you use something like Macrium Recovery to add its recovery to the boot menu or if you have a bootable Macrium external UFD or USB external HDD or SSD.

The only time I would keep an OEM/Proprietary recovery or factory reset partition would be through the warranty period.
After that time, a full Windows reset or an in-place upgrade is the ticket.
Like kelper, I remove the partition. I resize the OS partition with the space saved.

The only difference between a full Windows 11 reset and the OEM/Proprietary factory reset process, is proprietary bloatware and some preinstalled and (probably) out of date drivers. In my opinion.

I use the Recover (Recover, not Recovery...) partition as a cop-out if support staff tries to suggests to use it, as then I can simply reply to them that I already did this, and that the issue persists so then they have no other choice but to open an RMA ticket for me immediately without any unnecessary delay. lol I don't keep this partition's contents stored on the internal SSD, though. Instead, I just move them onto external storage and then pray that I'll never need them.

As for deleting an obsolete Recovery partition and resizing the Recovery partition, the free AOMEI Partition Assistant can be used as an easier alternative to the DISKPART method. How to Delete Recovery Partition in Windows 11/10/8/7 Safely?

P.S., on my Asus TUF Gaming F16 (2024) laptop the Recover partition is named RESTORE. It also has the obsolete Recovery partition that is 260 MB.



P.P.S., It's not actually an obsolete Recovery partition. It's the MyAsus in WinRE. MyASUS in WinRE | ASUS Global

Shame the image is double-dutch!

kelper said:

Shame the image is double-dutch!

Click to expand...

Netherglish FTW.

hdmi said:

I use the Recover (Recover, not Recovery...) partition as a cop-out if support staff tries to suggests to use it, as then I can simply reply to them that I already did this, and that the issue persists so then they have no other choice but to open an RMA ticket for me immediately without any unnecessary delay. lol I don't keep this partition's contents stored on the internal SSD, though. Instead, I just move them onto external storage and then pray that I'll never need them.

As for deleting an obsolete Recovery partition and resizing the Recovery partition, the free AOMEI Partition Assistant can be used as an easier alternative to the DISKPART method. How to Delete Recovery Partition in Windows 11/10/8/7 Safely?

P.S., on my Asus TUF Gaming F16 (2024) laptop the Recover partition is named RESTORE. It also has the obsolete Recovery partition that is 260 MB.

View attachment 95533

P.P.S., It's not actually an obsolete Recovery partition. It's the MyAsus in WinRE. MyASUS in WinRE | ASUS Global

Click to expand...

Oh nice, a 26 gig partition for this stuff? Yeah, I guess I got lucky my older laptop model doesn't have that, on a 500 gig SSD 26 gigs for that feels like a lot and I would definitely be tempted to just remove that.

You must be right about the MyAsus in WinRE, because I checked and that small 260 MB Recovery partition I have here is labeled MYASUS and it has 80 MB of space used, so there is definitely something there, so probably those MyAsus diagnostic tools then. So, I guess I will keep that then, 260 MB is not much, I just hope it won't interfere with resizing the MS Recovery partition that is located in front of it (on my laptop that one is labelled RECOVERY, yeah, with the Y, strange how those things also change from model to model it seems, so complicated).

I made the recovery partition unhidden and allocated a drive letter. Then I copied the Winre.wim from C:\Windows\System32\Recovery to the Recovery partition's WindowsRE folder. Then I made the partition hidden again.
So the winre.wim is now dated April 24 2024 instead of January, as it was.

The oddity is that winre.wim sometimes seems to be in C:\Recovery and sometimes in C:\Windows\System32\Recovery.

I suspect one path is an alias or a library link.

It's been awhile so this may not be the actual post I followed but I used a suggestion that @NavyLCDR made to someone and moved my Recover Partition to my C: drive. I now have it as a boot option when I start either one of my desktops. Disk Management- Partition Advice

Winuser said:

It's been awhile so this may not be the actual post I followed but I used a suggestion that @NavyLCDR made to someone and moved my Recover Partition to my C: drive. I now have it as a boot option when I start either one of my desktops. Disk Management- Partition Advice

Click to expand...

If the recovery image is placed on the C drive and the C drive is encrypted with BitLocker, surely that can't work correctly?

In any case, there's good news and bad news for me. I tried following the instructions in this article KB5028997: Instructions to manually resize your partition to install the WinRE update - Microsoft Support and all went well... all the way until the part where you are supposed to enable the recovery environment again with reagentc /enable. But when I tried that, it said simply that "The Windows RE image was not found." Awesome. Of course nothing can ever work, even if following the official instructions to the letter.

So, now I have a large enough recovery partition, but the WinRe won't enable because... that would be too easy. I searched my SDD and there is a winre.wim file in C:\$WinREAgent\Backup but I can't say how I would get that copied to the actual recovery partition. A little frustrating, I must say. On the positive side, as long as this WinRe is disabled, I suppose the actual BitLocker bypass vulnerability is mitigated too... but having the recovery option would be very nice. I guess it's time to do another couple hours of reading on google for maximum confusion.

Aaand success :) Win RE is now enabled again.

What I had to do was download the windows media creation tool, make an iso with that, mount the iso, copy the install.esd from there, and copy the winre.wim and reagent.xml files from there to the system32/recovery folder on my os drive, and after that, reagentc /enable worked just fine. And now I have a nice 1000+ gigs free space on a 2 gig recovery partition so in future the monthly updates should be able to update the recovery environment without problems I hope.

Thanks all!

Please post each command used after downloading the iso to a desktop folder or to a flash drive.

SailorHF said:

And now I have a nice 1000+ gigs free space on a 2 gig recovery partition

Click to expand...

1000+ gigs? That would be pretty cool. And TUF! lmao

hdmi said:

1000+ gigs? That would be pretty cool. And TUF! lmao

Click to expand...

Oops, had a bit of a brainfart there, didn't I.

zbook said:

Please post each command used after downloading the iso to a desktop folder or to a flash drive.

Click to expand...

I'm not sure I remember all the steps correctly since I didn't write it all down but I will try.

I just downloaded the Media Creation Tool, not the actual iso file (I don't know if MS lets you download an iso file directly, without doing it through the Media Creation Tool). Then I used the Media Creation Tool to create the iso file and saved it to "C:\pelp\" , a "randomly named" folder I made just for this thing. Then I right-clicked on the iso file and mounted it, so it appeared as a drive in Explorer as the D drive.

According to instructions I read online (I think on this forum, but not sure anymore), at this point I could have used the 7-Zip program's file manager to just copy the needed files winre.wim and reagent.xml from the iso without any other tricks, quote from the instructions below.

To fix this and be able to re-enable recovery you need to put a copy of WinRE.wim into C:\Windows\System32\Recovery. You can get one from the Windows install media for the version you are running. Open the install.wim or install.esd you'll find in the sources folder using 7-Zip file manager.

E:\sources\install.esd\1\Windows\System32\Recovery

Click to expand...

But, I did not have 7-Zip installed and did not want to install it, so I had to do some extra steps.

First, I navigated to the mounted iso in Explorer and copied the install.esd file from the D:\sources\ folder to my local hard drive C:\pelp\ folder. Then I unmounted the iso in Explorer because I no longer needed it.

Next step was to convert the install.esd into a .wim file that I would be able to open with PowerArchiver, a program which I did have installed already. To do so, I did this:

1) Open admin Command prompt and navigate to the location of the install.esd in C:\pelp\

2) To see what is inside the esd file, I gave the following command: "Dism /Get-WimInfo /WimFile:C:\pelp\install.esd"
This esd had many OS images for different versions like Home and Pro and you have to choose the right index for your OS version, to be used in the next step. In this case, the right index for my Windows 11 Home was index 1 in the esd file.

3) Now is time to give the command to create an install.wim file for Win 11 Home from the install.esd file. I did it with this command, giving the indext 1 for Win 11 Home in this esd for the SourceIndex parameter of this command: "Dism /Export-image /SourceImageFile:C:\pelp\install.esd /SourceIndex:1 /DestinationImageFile:C:\pelp\install.wim /Compress:max /CheckIntegrity"
This will take some time, it will show a % progress counter, but when that reaches 100 % and says it's done, you will have the install.wim file.

4) I opened the C:\pelp\install.wim file with PowerArchiver. This takes a little time because it's a big file, but when it eventually shows me the contents of the wim, I navigated to Windows\System32\Recovery\ and extracted the following two files to, I think, my desktop folder: winre.wim and reagent.xml.

5) Now I simply copied those two files winre.wim and reagent.xml from my desktop folder to C:\Windows\System32\Recovery, overwriting the old reagent.xml I had there.

6) I went back to the admin Command prompt and gave the command to enable the recovery partition again: "reagentc /enable"
This took a moment, but finally it said successful!

7) Being a little careful and skeptical, I gave the command to display the status of WinRE: "reagentc /info"
This returned that it was Enabled as can be seen in my screenshot in the previous post. Awesome, mission accomplished!

However, just to be sure, I also rebooted the machine, and checked reagentc /info again, happily finding that it was still enabled (I had read online some cases where it somehow disabled itself again after a reboot). I also checked from Windows Settings, System, Storage, Disks and Volumes to see the Properties of the recovery partition that was now showing itself named as Windows RE tools, and saw that things looked good, there was about 700 megs of space used on the recovery partition, with over 1 Gb free for future updates that now should work without giving the servicing failed error caused by not enough free space on the recovery partition.


I think that was all I did, don't think I missed anything. Although, that all of course does not include all the things I did before all that, to shrink the OS partition and then delete the recovery partition that was too small, and creating a new recovery partition that was like 2000 Mb so should be easily large enough for good...

SailorHF said:

But, I did not have 7-Zip installed and did not want to install it, so I had to do some extra steps.

Click to expand...

You could have just grabbed the portable instead. It's only a 3 MB download, and it does not add nor make any modifications to files, the Windows registry etc. outside the portable folder location that it asks you to select when you run the "installer" (so, simply deleting that folder and deleting the downloaded file is all that it takes to completely remove it). 7-Zip Portable (file archiver) | PortableApps.com