Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Windows Patch Notes for CTE v7.6.0

Windows Patch Notes for CTE v7.6.0

search

Please Note:

Windows Patch Notes for CTE v7.6.0

Patch Information
Release v7.6.0.111
Date 2024-08-06
Document version 1

Resolved Issues

  • AGT-54936 [CS1536981]: Failed to attach database to MSSQL using VMLFS driver

    The issue was caused by a conflict between a map file and the non-cached write. The solution is to delete the section object created by the anti-virus software. This forces the next read to get the data from the disk instead of the cache.

  • AGT-57808 [CS1542402]: Prompt challenge response when primary CM unreachable

    The timer used to connect to the key manager during initialization was set to 120 seconds. This fix changes the code to use the CONNECT_TIMEOUT value which can be changed on the key manager through the API playground:

    <CM_IP>/v1/transparent-encryption/profiles/

    Note

    The value of {id} is the client profile.

  • AGT-58665 [CS1553829]: Getting Error: 1720 while installing CTE v7.4 or v7.5

    Issue was caused by a username containing spaces or special characters. This has been fixed.

  • AGT-58682 [CS1550293]: Server hangs after installing CTE agent

    The issue was caused by the interrupts created by the vmsecfltr driver that were pausing while waiting for the vmlfs interface to be loaded. The solution is to not register vmsecfltr as a filter driver when using the vmfiltr interface.

  • AGT-58683: RWP alert is generated for exempted process set

    The Process exemption does not work after reboot if CTE has received changes from CipherTrust Manager. The issue only occurs when CTE reboots. Until then, the feature works as expected. This has been fixed.

  • AGT-59458 [CS1558026]: Existing files encrypted with LDT metadata are inside the GuardPoint as clear text

    The issue is caused by a third-party entity which is exclusively opening a directory at the same moment the CTE agent driver is attempting to guard it. As a result, CTE generates a STATUS_SHARING_VIOLATION error. The solution is that CTE agent treats the scenario as if the directory exists and continues with guarding.

Known Issues

  • AGT-36370: The vorvmd.log reports an error message when guarding LDT over CIFS GuardPoint

    CTE agent needs CIFS credentials to apply a GuardPoint on a CIFS share. This error message displays when the CTE agent is in the process of authenticating the user. This error can be safely ignored.

  • AGT-39189 | AGT-55063: CTE failed to unguard after changing to incorrect CIFS credentials

    If a user has a CIFS guarded path, and tries to access it with invalid credentials, the unguard request fails. After this, if the user switches to valid credentials, the unguard request still fails.

    Work-around

    To successfully guard/unguard a CIFS path, use valid credentials.

  • AGT-48196: Microsoft DPM reports recovery creation failed when creating a recovery point after synchronizing data

    Work-around

    Perform a complete backup. Do not perform an incremental backup. The incremental backup does not work properly with LDT.

  • AGT-48580: Ransomware Protection gzip files in a directory can be mistakenly identified as ransomware

    Intermittently, zip or unzip activity that occurs within a Ransomware Protection GuardPoint is identified as ransomware.

    Work-around

    Add the zip/gzip/winzip programs to the Ransomware Protection process exemption list in the CipherTrust Manager client profile.

  • AGT-48862: Stopping secfsd service does not unguard CIFS GuardPoint

    Secfsd service is a critical service needed to perform Guard/Unguard operations. If this service is not running, CTE agent fails to unguard the CIFS GuardPoints.

    Work-around

    Manually disable the GuardPoint in CipherTrust Manager.

  • AGT-58577: Issues and limitations for Multifactor Authentication and Ransomware Protection co-existence

    • When Multifactor Authentication is configured and used in a Client Profile (OIDC or EntraID), Ransomware Protection fails to setup on the host.

    • When attempting to change the Multifactor Authentication profile to the default client profile, that also fails.

    • When an OIDC connection is associated with a client profile, CipherTrust Manager reports an error while creating a Ransomware Protection GuardPoint.

    Note

    Multifactor Authentication is not yet supported for a GuardPoint with Ransomware Protection with a CTE Agent. You can associate Multifactor Authentication with a CTE GuardPoint with no Ransomware Protection, and that should work normally.

    Work-around

    1. Remove the OIDC connection from the client profile.

    2. Create another Ransomware Protection GuardPoint and re-associate the OIDC connection to the client profile after guarding succeeds.

  • AGT-61138: Guard a system UNC by Standard policy, files are shown as cipher-text format from local Windows explorer

    Work-around

    Only view the files using the UNC from the local system (\\192.168.1.1\secrets). Do not use Windows Explorer (e:\secrets).

On this page