Refreshing the EFI system partition

[rustleg]

I want to refresh the data stored on an EFI system partition on my nvme SSD. My idea is to take an image of this partition with IFL (or the imaging built into BIU) and to immediately restore it in place. My question is whether this will render it inoperative. I can't see how it should but I'd like to be absolutely certain. This may sound totally unnecessary but to know why I want to do this read on.

The motivation for this is that it has been discovered that data on a SSD degrades over time more so than on hard drives. I can point to a podcast by Steve Gibson author of Spinrite. Spinrite is a tool developed many years ago to service hard drives and has in recent times been upgraded and run on SSD's. SSD degradation was mentioned in his podcast of 29 April 2025 episode 1023. If you are interested there is a transcript here: https://www.grc.com/securitynow.htm. Download the text file and search for "Tom's Hardware". It's very interesting. He goes on to say the problem is not leaving a SSD unpowered for a while as Tom's Hardware suggests, it's just that the storage leaks naturally over time.

He says "What we discovered was that those regions which were only ever read, and rarely or never written, had become far slower to read over time." So eventually the data will deteriorate to become corrupt. I am concerned about the EFI system partition which is only ever read and is vital to keep the OS operational.

The remedy is simply to rewrite the data. Spinrite would do it but it doesn't handle nvme drives. His next update will, but knowing him it will be several years before he updates it. Hence my idea to take an image and immediately restore it, maybe once a month or so. Of course it might also be a good idea to do this from time to time with other partitions.

[OldNavyGuy]

Lots of controversy surrounding Spinrite, and Steve Gibson's claims.

[Bob Coleman]

I don't know that I've ever explicitly restored just the EFI system partition, but I've numerous times restored the whole disk (SSD) which would inmclude the EFI system partition. No harm seems to have been done.

[johnstrasser]

It is my understanding that managing bitrot for that case is the firmware's job

[rustleg]

I have experienced bitrot from HDDs and SSDs. I have a scheduled job which runs regularly to check all data files on all drives. I found that SSD bitrot was worse than HDD although my data is a small sample so could be just my luck.

I don't know exactly what the firmware does. I understand it does a lot of error checking on the fly when reading files and will reallocate data if it's looking like becoming uncorrectable. But this is when it's asked to read the file. I have no idea whether it goes looking for problems when it has spare time, it seems doubtful.

There are also certain file systems which are supposed to deal with bitrot and there are RAID systems, etc. but I've just got normal file systems - Ext4 and ntfs.

My original post was about the EFI system partition partly because I don't know enough about it but it is essential to have it working. If it doesn't work you don't have a PC.

[OldNavyGuy]

I would say there are two mitigations...

1. Always have a known good backup of your entire drive.

2. Make sure you have a bootable copy of the Windows installation media to access the Command prompt, and learn how to use diskpart and bcdboot to rebuild the EFI partition

[rustleg]

Thanks. I don't want to backup the drive including the data only OS partitions. I would like to backup just the EFI system partition so that I can restore it if necessary and still be able to boot the OS partitions I have.

Are diskpart and bcdboot part of Windows? Although I currently have Windows 10 on my PC I am planning to change to running it using Virtualbox from within Linux Mint and isolating it from the internet because I only need it occasionally to do Excel work. I can then avoid doing any updates and I don't plan to upgrade to Win 11.

[OldNavyGuy]

It is for Windows....

For Linux, you would create bootable Linux Live media, and use Gparted to rebuild the EFI partition.

As an aside, you should have a known good full drive image, in the cases where the drive has failed, is corrupted and not accessible...or encrypted with ransomware.

[rustleg]

I have a Linux live USB which will run Gparted to create partitions, but BIU will do this. It won't create the file system but it won't need to if I can restore using an image. My original question didn't concern if the SSD fails but if I want to refresh the EFI partition by restoring it.

I have backups of my OS partitions on different disks. I don't mix data and OS on the same partition, unlike Windows with its C drive. Even with Windows I have for years used one or more separate drives for data, which is a bit of a pain because they assume you will use the user areas on C. My backups of data are not via imaging but local file by file backup also backed up to the cloud (Amazon S3, also Dropbox). For one thing if you restore a partition which includes data you are restoring old data.

[OldNavyGuy]

I don't use BIU.

I know what your orignal question was...no one that I know is overly concerned about corrupt EFI partitions, since there are simple ways to mitigate that.

They are more concerned about their data.

You can certainly back up the EFI partition.

Some considerations...

What if the partition is corrupted because of a corrupted hard drive?

Cloud storage has been atacked by ransomware...what if you can't access the cloud?

Making frequent images of your drives, stored offline on an external medium such as a USB SSD, ensures safe recovery from ransomware, or drive failure.

Old data is always a problem...whether you image weely, daily, or (your timeline here).

Having a process(es) for identifying and backing up frequently changing data to removable storage, would mitigate no cloud access, and significant data loss.

I would advise avoiding the Steve Gibson/SpinRite nonsense, and consider the bigger picture.

Good luck.