Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Windows Patch Notes for CTE v7.6.0

Windows Patch Notes for CTE v7.6.0

search

Please Note:

Windows Patch Notes for CTE v7.6.0

Patch Information
Release v7.6.0.118
Date 2024-09-04
Document version 2

Resolved Issues

  • AGT-58668 [CS1551868]: Getting low speed while copying data within guarded drives

    The vmfiltr driver's PrimeCachedReads logic did not account for multiple, separate, network GuardPoints where files in one network GuardPoint have client-side caching enabled, but parallel files do not have it enabled. The solution was to enhance PrimeCachedReads logic to be GuardPoint specific, instead of system-wide specific. Now, CTE can manage a combination of GuardPoints, some with client-side caching and some without.

  • AGT-59472 [CS1557580]: An unknown VMLFS function forces Windows to restart

    The issue occurred because the read was going beyond the maximum file size which triggered a bug check. The solution is to add in file size checks before reading the file data.

  • AGT-59619 [CS1561644]: When using VMFILTR, access denied for read-only access for Tableau production server

    The issue occurred when vmfiltr blocked all no-view processes' access to memory mapped files. The solution was to change the rule so that vmfiltr only blocked no-view processes' access to memory mapped files if the file is currently marked as encrypted by any other process on the system.

  • AGT-59629 [CS1559510]: Validating if Microsoft Verifier can run with Thales filter driver (VMFilter.sys)

    The issue occurred when the user ran the Windows Driver Verifier on the CTE vmfiltr.sys driver. Verifier detected an anomaly in the CTE vmfilter code. That has been fixed.

  • AGT-59818 [CS1565707]:System crash prior to guarding the GuardPoint

    This issue occurred because the filenode in streamcontext was NULL. This triggered a crash. The solution was to add suitable checks for filenode to make sure that filenode is not NULL under streamcontext.

Known Issues

  • AGT-36370: The vorvmd.log reports an error message when guarding LDT over CIFS GuardPoint

    CTE agent needs CIFS credentials to apply a GuardPoint on a CIFS share. This error message displays when the CTE agent is in the process of authenticating the user. This error can be safely ignored.

  • AGT-39189 | AGT-55063: CTE failed to unguard after changing to incorrect CIFS credentials

    If a user has a CIFS guarded path, and tries to access it with invalid credentials, the unguard request fails. After this, if the user switches to valid credentials, the unguard request still fails.

    Work-around

    To successfully guard/unguard a CIFS path, use valid credentials.

  • AGT-48196: Microsoft DPM reports recovery creation failed when creating a recovery point after synchronizing data

    Work-around

    Perform a complete backup. Do not perform an incremental backup. The incremental backup does not work properly with LDT.

  • AGT-48580: Ransomware Protection gzip files in a directory can be mistakenly identified as ransomware

    Intermittently, zip or unzip activity that occurs within a Ransomware Protection GuardPoint is identified as ransomware.

    Work-around

    Add the zip/gzip/winzip programs to the Ransomware Protection process exemption list in the CipherTrust Manager client profile.

  • AGT-48862: Stopping secfsd service does not unguard CIFS GuardPoint

    Secfsd service is a critical service needed to perform Guard/Unguard operations. If this service is not running, CTE agent fails to unguard the CIFS GuardPoints.

    Work-around

    Manually disable the GuardPoint in CipherTrust Manager.

  • AGT-58577: Issues and limitations for Multifactor Authentication and Ransomware Protection co-existence

    • When Multifactor Authentication is configured and used in a Client Profile (OIDC or EntraID), Ransomware Protection fails to setup on the host.

    • When attempting to change the Multifactor Authentication profile to the default client profile, that also fails.

    • When an OIDC connection is associated with a client profile, CipherTrust Manager reports an error while creating a Ransomware Protection GuardPoint.

    Note

    Multifactor Authentication is not yet supported for a GuardPoint with Ransomware Protection with a CTE Agent. You can associate Multifactor Authentication with a CTE GuardPoint with no Ransomware Protection, and that should work normally.

    Work-around

    1. Remove the OIDC connection from the client profile.

    2. Create another Ransomware Protection GuardPoint and re-associate the OIDC connection to the client profile after guarding succeeds.

  • AGT-61138: Guard a system UNC by Standard policy, files are shown as cipher-text format from local Windows explorer

    Work-around

    Only view the files using the UNC from the local system (\\192.168.1.1\secrets). Do not use Windows Explorer (e:\secrets).

On this page