Forum Discussion

Karl-WE's avatar
Karl-WE
MVP
Feb 19, 2024

BLOG: Guidance for Windows Recovery partition (WinRE) patching and why you would need it

This is an extended blog, which continues in comments. Why WinRE partition is controversly discussed on the web?  You want to enlarge the C (OS Partition) in a VM and WinRE partition is in the...
management
security
Windows Server
Karl-WE's avatar
Karl-WE
MVP
Feb 27, 2024

Explaining why "WinRE should located right hand side to the C partition." 

Let's have a look at the default layout for GPT / Secure Boot Based PC starting from Windows 8.1 and later / Hyper-V Gen 2 / Modern VMware VMs etc.

With Windows 8.1 and Windows Server 2012 R2 or latest Windows Server 2016 or newer GPT / Secure Boot should be (should have been) the norm in environments.

Yet at the time many OEMs and integrators choose for MBR for compatibility with Windows 7 / 2008 R2 and hardware built before ~2014.

For an easier transition to later OS, such as Windows Server 2019, 2022 and upcoming Windows Server 2025 versions, GPT / UEFI is very recommended. Keep in mind Windows Server 2022 and later VBS requires UEFI / GPT.



Here's the same but for MBR based legacy computers / VMs (Hyper-V Gen 1) and older (unconverted) VMware VMs.
https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/configure-biosmbr-based-hard-drive-partitions?view=windows-11#partition-layout

In this example the WinRE partition is located “right” to the OS Partition (C drive) for legacy OS / VMs


Convert MBR2GPT / UEFI with MS Tool

The mbr2gpt Conversion Tool is included since Windows 10 1809 / Windows Server 2019.

The tool works great but just for OS drive.

Caveats of MBR2GPT
your hardware / BIOS must be capable must support UEFI / Secure Boot
your dedicated GPU BIOS must UEFI GOP
MBR2GPT will fail if there are too many primary parititions (example OS and 2 or more user formatted data partitions, or OEM Parititions + User Data partitions). This is a technical limitation of MBR. The count of allowed primary partitions with MBR that is lower than with GPT.

If you cannot afford to clean up use named paid 3rd party tools, backup is recommended but never seen this conversion failing with data loss occoured (just saying).


The drawbacks of MBR (imho)

  •  max paritition size is limted to 2 TB
  • less primary partitions allowed
  • no Secure Boot support and theoretically there are still viruses that infect MBR boot sectors, where as I never heard about these adopting GPT and Secure Boot.
  • slower boot up time compared to GPT / UEFI as BIOS needs to emulate "BIOS / IDE mode" etc. This is also measureable in VMs.
  • Secure Boot lays foundation for modern security with fTPM / vTPM, the set of Secured Core features including VBS. MBR based hardware or VMs cannot be secured that low level way.
  • UEFI supports more features such as mouse emulation and get rid of legacy stuff like IDE mode etc. Bootloader for Windows + Linux is digitally signed, whereas MBR allows any bootloader or even rootkits.

Resources