Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Windows Patch Notes for CTE v7.7.0

Windows Patch Notes for CTE v7.7.0

search

Please Note:

printsuggest an edit

Windows Patch Notes for CTE v7.7.0

Patch Information
Release v7.7.0.111
Date 2025-04-01
Document version 1

copy link to clipboardResolved Issues

  • AGT-61808: Improved LDT messaging if LDT has a single node left for CIFS and NFS GuardPoints

    When LDT has only a primary node guarding a GuardPoint and no secondary nodes are present, the nodes will no longer send messages through LGS. This will improve LDT performance.

  • AGT-62841 [CS1583064]: VEEAM backup fails to restore MSSQL databases that are encrypted with CTE

    The mount points were not resolving correctly and this lead to the crash. This issue has been fixed. After upgrading, type the following to add the registry flag, DeleteReparseFlag. Then reboot the system to restore the MSSQL Database:

    voradmin ldt delreparse allow 1

  • AGT-63289 [CS1597289]: Unable to register CTE clients

    With the addition of an OCI OpenSSL environment, the register_host program did not use the OpenSSL defaults which caused it to fail to register to the key manager. The solution was to ignore any OpenSSL environment variables during registration.

  • AGT-63667 [CS1605532]: Production server client CTE shows unregistered status but CipherTrust Manager shows GuardPoint as active and gray

    The CipherTrust Transparent Encryption driver was allowing anti-virus software to access a file using CTE's registration application's file handle. This prevented the certificate renewal process from replacing the certificates.

  • AGT-64250 | AGT-64324 [CS1605532] [CS1608550]: Read only user can delete files in a CIFS shared folder so policy not working as expected with CTE driver

    A policy that contained a security rule that set permissions to read only was allowing the deletion of files. This issue was fixed.

  • AGT-64307 [CS1610694]: Two LDT GuardPoint do not activate after changing from vmlfs to vmfiltr

    VMLFS had an issue with an array overflow in its page handling for files larger than 1TB. This issue has been fixed.

copy link to clipboardKnown Issues

  • AGT-36370: The vorvmd.log reports an error message when guarding LDT over CIFS GuardPoint

    This error message displays when the CTE agent is in the process of authenticating the user. This error can be safely ignored.

  • AGT-39189 | AGT-55063: CTE failed to unguard after changing to incorrect CIFS credentials

    If a user has a CIFS guarded path, and tries to access it with invalid credentials, the unguard request fails. After this, if the user switches to valid credentials, the unguard request still fails because CTE agent is unable to access the CIFS share to update the credentials.

    Work-around

    To successfully guard/unguard a CIFS path, use valid credentials.

  • AGT-39190: File modified time does not change after rekey for excluded files

    This is a limitation with the current CTE agent. This is due to the Windows Redirected Drive Buffering Subsystem (rdbss) limitation.

  • AGT-48196: Microsoft DPM recovery creation failed when creating an incremental backup recovery point

    Work-around

    Perform a complete backup. Do not perform an incremental backup.

  • AGT-48580: gzip files in a directory can be mistakenly identified as ransomware by Ransomware Protection

    Some compression algorithms haves high entropy value and intermittently, zip or unzip activity that occurs on files that already themselves have high entropy, within a Ransomware Protection GuardPoint, is mistakenly identified as ransomware.

    Work-around

    Add the zip/gzip/winzip programs to the Ransomware Protection process exemption list in the CipherTrust Manager.

  • AGT-48862: Unguard process fails if CTE secfsd service is down

    secfsd service is a critical CTE service. If this service is down, certain CTE features may not work as intended.

    Work-around

    Manually restart the secfsd service in the service manager.

  • AGT-58577: Issues and limitations for Multifactor Authentication and Ransomware Protection co-existence

    Multifactor Authentication is not yet supported for a GuardPoint with Ransomware Protection with a CTE Agent.

  • AGT-61138: When applying a GuardPoint on the UNC (Universal Naming Convention) name instead of a Local drive, files display as cipher-text format when accessing using local drive

    User must apply GuardPoint on the local drive. If the user decides to apply the GuardPoint on the UNC path, user must use the UNC path to access the data. Do not view through the local Windows explorer path.

  • AGT-61679 [CS1581483]: The Apache service does not start when launched within a GuardPoint

    This issue is interoperability issue between CTE and Windows Defender.

    Work-around

    Create an exclusion rule for Windows Defender that will exclude the Apache2.4 directory.

On this page