Full Report
Microsoft says it resolved a known issue causing erroneous 0x80070643 installation failure errors when deploying the April 2025 Windows Recovery Environment (WinRE) updates. [...]
Analysis Summary
# Vulnerability: Incorrect 0x80070643 Error Display After WinRE Update Installation
## CVE Details
- CVE ID: Not explicitly assigned in the provided text. The issue is a known bug/error behavior rather than a traditional security vulnerability leading to exploitation.
- CVSS Score: Not applicable/Not provided (Focus is on system instability/misreporting, not direct unauthorized access/control).
- CWE: Not applicable/Not provided.
## Affected Systems
- Products: Windows Update service reporting mechanism related to Windows Recovery Environment (WinRE) updates.
- Versions:
* Windows Server 2022 (impacted by KB5057588)
* Windows 10, versions 22H2 and 21H2 (impacted by KB5057589)
*(Note: Previous related issues affected Windows 10/11 and Windows Server devices installing January 2024 WinRE updates.)*
- Configurations: When the device installs the WinRE update while another update is in a pending reboot state.
## Vulnerability Description
A software defect caused the Windows Update settings page to incorrectly report a `0x80070643 – ERROR_INSTALL_FAILURE` code after successfully installing the April 2025 Windows Recovery Environment (WinRE) update (KB5057588/KB5057589). Microsoft confirmed that this error message was inaccurate and did not reflect actual instability; the WinRE update was typically installed successfully after a subsequent device restart.
## Exploitation
- Status: Not applicable. This is a bug resulting in misreporting, not a security vulnerability that enables compromise.
- Complexity: Not applicable.
- Attack Vector: Not applicable.
## Impact
- Confidentiality: Negligible (System misreporting).
- Integrity: Minor (Temporary confusion regarding system update state).
- Availability: Negligible (Device functionality was generally not impacted, despite the error).
## Remediation
### Patches
Microsoft has addressed the bug causing the incorrect error message:
* The fix prevents the incorrect `0x80070643` message from showing up after installing the affected updates.
* Users who already installed the buggy updates will not be offered the update again.
### Workarounds
* **For users affected by the April 2025 update:** No further action is needed if a restart was performed, as the WinRE update was likely successful. Check update status using `Dism /Online /Get-Packages`.
* **Historical Context (Previous January 2024 Issue):** Previously, users facing similar 0x80070643 errors related to WinRE updates were advised (before updates were retired) to manually resize the WinRE partitions.
## Detection
- Indicators of Compromise: The presence of the `0x80070643` error displayed in Windows Update settings *following* the installation of KB5057588 or KB5057589.
- Detection Methods and Tools: Monitoring Windows Update status logs or running `Dism /Online /Get-Packages`.
## References
- Vendor Advisories: Microsoft Windows Release Health Dashboard (Status for Windows Server 2022).
- Relevant links - defanged:
* hxxps://support.microsoft.com/help/5057588
* hxxps://support.microsoft.com/help/5057589
* hxxps://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#the-april-2025-windows-re-update-might-show-as-unsuccessful-in-windows-update
* hxxps://www.bleepingcomputer.com/news/microsoft/microsoft-retires-windows-updates-causing-0x80070643-errors/
* hxxps://www.bleepingcomputer.com/news/microsoft/windows-10-kb5034441-security-update-fails-with-0x80070643-errors/
* hxxps://www.bleepingcomputer.com/news/microsoft/microsoft-wont-fix-windows-0x80070643-errors-manual-fix-required/
* hxxps://www.bleepingcomputer.com/news/security/fake-it-support-sites-push-malicious-powershell-scripts-as-windows-fixes/