Your suggested change has been received. Thank you.
Suggest A Change
https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….
- User Guides
- Integrations and Solutions
- CTE Use Cases
- Release Notes
- Patch Notes
- Additional Resources
- Previous Releases
Windows Patch Notes for CTE v7.6.0
Windows Patch Notes for CTE v7.6.0
Please Note:
- Patch Notes
- AIX Patch Notes for CTE v7.6.0
- Windows Patch Notes for CTE v7.6.0
- Windows Patch Notes for CTE v7.6.0
- Windows Patch Notes for CTE v7.6.0
- Windows Patch Notes for CTE v7.6.0
- Linux Patch Notes for CTE v7.6.0
- Linux Patch Notes for CTE v7.6.0
- Linux Patch Notes for CTE v7.6.0
- CipherTrust Transparent Encryption Agent
- Patch Notes
- Windows Patch Notes for CTE v7.6.0
- Windows Patch Notes for CTE v7.6.0
| Patch Information | |
|---|---|
| Release | v7.6.0.111 |
| Date | 2024-08-06 |
| Document version | 1 |
Resolved Issues
-
AGT-54936 [CS1536981]: Failed to attach database to MSSQL using VMLFS driver
The issue was caused by a conflict between a map file and the non-cached write. The solution is to delete the section object created by the anti-virus software. This forces the next read to get the data from the disk instead of the cache.
-
AGT-57808 [CS1542402]: Prompt challenge response when primary CM unreachable
The timer used to connect to the key manager during initialization was set to 120 seconds. This fix changes the code to use the
CONNECT_TIMEOUTvalue which can be changed on the key manager through the API playground:<CM_IP>/v1/transparent-encryption/profiles/Note
The value of {id} is the client profile.
-
AGT-58665 [CS1553829]: Getting Error: 1720 while installing CTE v7.4 or v7.5
Issue was caused by a username containing spaces or special characters. This has been fixed.
-
AGT-58682 [CS1550293]: Server hangs after installing CTE agent
The issue was caused by the interrupts created by the
vmsecfltrdriver that were pausing while waiting for thevmlfsinterface to be loaded. The solution is to not registervmsecfltras a filter driver when using thevmfiltrinterface. -
AGT-58683: RWP alert is generated for exempted process set
The Process exemption does not work after reboot if CTE has received changes from CipherTrust Manager. The issue only occurs when CTE reboots. Until then, the feature works as expected. This has been fixed.
-
AGT-59458 [CS1558026]: Existing files encrypted with LDT metadata are inside the GuardPoint as clear text
The issue is caused by a third-party entity which is exclusively opening a directory at the same moment the CTE agent driver is attempting to guard it. As a result, CTE generates a
STATUS_SHARING_VIOLATIONerror. The solution is that CTE agent treats the scenario as if the directory exists and continues with guarding.
Known Issues
-
AGT-36370: The vorvmd.log reports an error message when guarding LDT over CIFS GuardPoint
CTE agent needs CIFS credentials to apply a GuardPoint on a CIFS share. This error message displays when the CTE agent is in the process of authenticating the user. This error can be safely ignored.
-
AGT-39189 | AGT-55063: CTE failed to unguard after changing to incorrect CIFS credentials
If a user has a CIFS guarded path, and tries to access it with invalid credentials, the unguard request fails. After this, if the user switches to valid credentials, the unguard request still fails.
Work-around
To successfully guard/unguard a CIFS path, use valid credentials.
-
AGT-39190: VMLFS: file modified time does not change after rekey for excluded files
This issue is due to a Windows Redirected Drive Buffering Subsystem (rdbss) limitation. Windows rdbss uses one handle for multiple sharing applications on the same system. If app 1 opens a file on a remote share and sets the timestamps to -1, indicating to Windows to not update the time stamps of the file for activity on behalf of that file object, and then performs a write, and then a second app 2 opens the same file and performs a write, then the time stamp is NOT updated due to that second apps write, even after both close the file.
-
AGT-48196: Microsoft DPM reports recovery creation failed when creating a recovery point after synchronizing data
Work-around
Perform a complete backup. Do not perform an incremental backup. The incremental backup does not work properly with LDT.
-
AGT-48580: Ransomware Protection gzip files in a directory can be mistakenly identified as ransomware
Intermittently, zip or unzip activity that occurs within a Ransomware Protection GuardPoint is identified as ransomware.
Work-around
Add the zip/gzip/winzip programs to the Ransomware Protection process exemption list in the CipherTrust Manager client profile.
-
AGT-48862: LDT GuardPoint Group Stopping secfsd service does not unguard CIFS GuardPoint
Work-around
Manually disable the GuardPoint in CipherTrust Manager.
-
AGT-58577: Issues and limitations for Multifactor Authentication and Ransomware Protection co-existence
-
When Multifactor Authentication is configured and used in a Client Profile (OIDC or EntraID), Ransomware Protection fails to setup on the host.
-
When attempting to change the Multifactor Authentication profile to the default client profile, that also fails.
-
When an OIDC connection is associated with a client profile, CipherTrust Manager reports an error while creating a Ransomware Protection GuardPoint.
Note
Multifactor Authentication is not yet supported for a GuardPoint with Ransomware Protection with a CTE Agent. You can associate Multifactor Authentication with a CTE GuardPoint with no Ransomware Protection, and that should work normally.
Work-around
-
Remove the OIDC connection from the client profile.
-
Create another Ransomware Protection GuardPoint and re-associate the OIDC connection to the client profile after guarding succeeds.
-
-
AGT-61138: Guard a system UNC by Standard policy, files are shown as cipher-text format from local Windows explorer
Work-around
Only view the files using the UNC from the local system (
\\192.168.1.1\secrets). Do not use Windows Explorer (e:\secrets).
