Windows upgrade made VC-system-partition smaller(!), rescue-disc not valid any more

[Jofifi]

Hi,

Originally I had Windows 10 1903 installed without any recovery- or OEM-partition (just on one single partition, non-UEFI-machine. I VC-encrypted that system partition.

Then I did an Upgrade to Windows 10 1909 using the Install-DVD, using the following method from github veracrapt-w10-patcher (without de-encrypting the system partition):

1.  Download and extract Windows 10 installation media (with media creation tool, then 7zip...)
2.  You need at least version 1.23 of VeraCrypt. 
o   You can update your VeraCrypt by simply installing the newer version.
Start the upgrade by:
1.  Open a CMD (command line) or a PowerShell with administrator rights.
2.  Navigate directories to the Windows 10 installation media.
3.  Start "setup.exe" with following line: .\setup.exe /ReflectDrivers "C:\Program Files\VeraCrypt" /PostOOBE C:\ProgramData\VeraCrypt\SetupComplete.cmd 

That worked without problem (probably because I have a non-UEFI-machine... with UEFI the risk would be much higher).

Afterwards I discovered:

• The still VC-encrypted system partition is smaller than before (before 200,7 GB, now 200,1 GB)
• There is a new 600MB-Recovery-Partition (non-encrypted) at the end of the system partition

--> Windows upgrade installer must have resized the VeraCrypt-System-partition on-the-fly, in order making room for the recovery-partition !!

• I thought making a Vera-Partition smaller is impossible? So how could that have been sucessfull? Does the PostOOBE-command enable Windows to de-encrypt and then re-encrypt the system disk, using the same password without me entering it? Or is it possible that windows just cut off the end of the VC-system-partition, without any complications?

• Only by chance I checked my rescue disk: VC says that rescue disc is not valid! -> does this mean that the header is different? Or does VC also check partition size, and complain about wrong partition size?

• I checked disk integrity with windows tools, it says all fine... is there anything else I have to check?

**--> warning to all windows users:

• check your rescue disk after windows upgrades (because upgrades often seem to add a recovery partition)**
• feature request: maybe VC can store the latest rescue disk, compare it after every boot, and display a warning when check fails?