Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Windows Patch Notes for CTE v7.6.0

Windows Patch Notes for CTE v7.6.0

search

Please Note:

Windows Patch Notes for CTE v7.6.0

Patch Information
Release v7.6.0.132
Date 2024-10-31
Document version 1

Enhancements

  • CipherTrust Data Security Platform Services

    This patch adds support for CipherTrust Data Security Platform Services (CDSPaaS) as a key manager.

Resolved Issues

  • AGT-39190: VMLFS: File modified time does not change after rekey for excluded files

    This issue is due to a Windows Redirected Drive Buffering Subsystem (rdbss) limitation. Windows rdbss uses one handle for multiple sharing applications on the same system. If app 1 opens a file on a remote share and sets the timestamps to -1, indicating to Windows to not update the time stamps of the file for activity on behalf of that file object, and then performs a write, and then a second app 2 opens the same file and performs a write, then the time stamp is NOT updated due to that second apps write, even after both close the file. This issue has been fixed.

  • AGT-58746 [CS1465352, CS1555324, CS1563627] Some applications are getting permission denied error when accessing files on NAS when LDT over CIFS policy is configured.

    When the LDT process initiates rekey on a file, it fails to open its internal metadata file because of file system permission issues. This fix allows the LDT process to manage such scenarios and continue rekey on the rest of the files.

  • AGT-59842 [CS1554471] High Memory Consumption by VMD process

    In the code that formats log messages prior to uploading them to CipherTrust Manager, an array of variables was allocated to contain formatted strings, but the strings were not freed on completion. The memory leak was small for each message, but with a high volume of logging from CipherTrust Transparent Encryption to CipherTrust Manager, the memory leaks built up over time. The solution was to fix the memory leaks.

  • AGT-61112 [CS1575397]: High Non-Paged Pool memory consumption by CTE

    CTE processes were consuming high amounts of memory in very specific scenarios. These scenarios were related to mounting and dismounting of the volumes. This patch fixes all of those memory leaks.

  • AGT-61386 [CS1581338]: Encrypted files are readable in clear text with notepad.exe

    The legacy filter driver vmfilter.sys was allowing certain applications, such as notepad.exe, that use memory-mapped files, permission to view encrypted files as clear data, when security rules did not grant those permissions.

Known Issues

  • AGT-36370: The vorvmd.log reports an error message when guarding LDT over CIFS GuardPoint

    CTE agent needs CIFS credentials to apply a GuardPoint on a CIFS share. This error message displays when the CTE agent is in the process of authenticating the user. This error can be safely ignored.

  • AGT-39189 | AGT-55063: CTE failed to unguard after changing to incorrect CIFS credentials

    If a user has a CIFS guarded path, and tries to access it with invalid credentials, the unguard request fails. After this, if the user switches to valid credentials, the unguard request still fails.

    Work-around

    To successfully guard/unguard a CIFS path, use valid credentials.

  • AGT-48196: Microsoft DPM reports recovery creation failed when creating a recovery point after synchronizing data

    Work-around

    Perform a complete backup. Do not perform an incremental backup. The incremental backup does not work properly with LDT.

  • AGT-48580: Ransomware Protection gzip files in a directory can be mistakenly identified as ransomware

    Intermittently, zip or unzip activity that occurs within a Ransomware Protection GuardPoint is identified as ransomware.

    Work-around

    Add the zip/gzip/winzip programs to the Ransomware Protection process exemption list in the CipherTrust Manager client profile.

  • AGT-48862: Stopping secfsd service does not unguard CIFS GuardPoint

    Secfsd service is a critical service needed to perform Guard/Unguard operations. If this service is not running, CTE agent fails to unguard the CIFS GuardPoints.

    Work-around

    Manually disable the GuardPoint in CipherTrust Manager.

  • AGT-58577: Issues and limitations for Multifactor Authentication and Ransomware Protection co-existence

    • When Multifactor Authentication is configured and used in a Client Profile (OIDC or EntraID), Ransomware Protection fails to setup on the host.

    • When attempting to change the Multifactor Authentication profile to the default client profile, that also fails.

    • When an OIDC connection is associated with a client profile, CipherTrust Manager reports an error while creating a Ransomware Protection GuardPoint.

    Note

    Multifactor Authentication is not yet supported for a GuardPoint with Ransomware Protection with a CTE Agent. You can associate Multifactor Authentication with a CTE GuardPoint with no Ransomware Protection, and that should work normally.

    Work-around

    1. Remove the OIDC connection from the client profile.

    2. Create another Ransomware Protection GuardPoint and re-associate the OIDC connection to the client profile after guarding succeeds.

  • AGT-61138: Guard a system UNC by Standard policy, files are shown as cipher-text format from local Windows explorer

    Work-around

    Only view the files using the UNC from the local system (\\192.168.1.1\secrets). Do not use Windows Explorer (e:\secrets).

On this page