Symantec Encryption Desktop 10.3.2 - Resolved Issues

book

Article ID: 154756

calendar_today

Updated On:

Products

Desktop Email Encryption Drive Encryption File Share Encryption Powered by PGP Technology

Issue/Introduction

This article details a list of resolved issues in Symantec Encryption Desktop 10.3.2 including all Maintenance Packs (MP).

 

Resolution

Symantec Encryption Desktop 10.3.2 MP10 Resolved Issues

General

  • Resolved a compatibility issue with Mac OS X 10.10 and later versions so that Symantec Encryption Desktop for Mac OS X now encrypts drives successfully when Microsoft Office 2011 is installed. [3745146]
  • Added compatibility with Microsoft Windows 10 (32-bit and 64-bit versions).
    This maintenance pack enables users to upgrade from Windows 7, 8, and 8.1 to Windows 10 directly, without first having to decrypt their encrypted drives.
     

Symantec File Share Encryption

  • Resolved an issue with Symantec File Share Encryption so that when files and folders are moved from one group key-protected folder to another, the moved files and folders are now encrypted using the destination folder key that is stored in a DFS shared folder. [3764323]
  • Resolved an issue with Symantec File Share Encryption so that files and folders that are dragged and dropped into protected DFS shared folders are now encrypted successfully. [3681958]
     

Messaging

  • Resolved an issue with Symantec Desktop Email Encryption so that the remaining distribution list members are no longer removed from delayed emails that are still in the Outbox folder if the sender expands a distribution list and deletes one or more recipients. [3749113]
  • Resolved an issue with Symantec Desktop Email Encryption so that users can now successfully resubmit delayed emails through MAPI after modifying the delay time while they are still in the Outbox folder. [3783571]
  • Resolved an issue with Symantec Desktop Email Encryption so that delayed emails that have not yet been sent do not appear in the Sent Items folder. [3744337]
  • Resolved an issue with Symantec Desktop Email Encryption so that users can now successfully open email attachments that are signed with X.509 certificates. [3725711]
  • Resolved an issue with Symantec Desktop Email Encryption so that no details of the original MAPI email are lost when users click Send Again in Non-Delivery Reports. [3738695]
     

Symantec Encryption Desktop 10.3.2 MP9 Resolved Issues

General

  • Addressed multiple accessibility issues to ensure compliance with Section 508 (C) standards.
  • Resolved an issue so that users who are moved to a different policy group now receive the new policy settings automatically when the next synchronization with the Symantec Encryption Management Server occurs. [3039741]
  • Added compatibility with the Microsoft Surface Pro 3 systems so that they work properly with Symantec Encryption Desktop. [3726095]
     

Messaging

  • Resolved an issue with Symantec Encryption Desktop so that emails that are sent through MAPI are no longer blocked when the Symantec Encryption Management Server is offline, if a standalone policy is enforced on the client. [3337821]
     

Symantec Drive Encryption

  • Added compatibility with Marx CrypToken MX2048 JCOP USB tokens so that they work properly with Symantec Encryption Desktop at pre-boot authentication. [3589731]
  • Local self-recovery security questions are now displayed properly when your computer is restarted or after it resumes from Sleep mode. [3636319]
     

Symantec Encryption Desktop

  • Resolved an issue so that keys that do not have passphrases can no longer be imported in Symantec Encryption Desktop during enrollment when Guarded Key Mode (GKM) is selected or enforced by policy in Symantec Encryption Management Server. [3326577]
     

Symantec File Share Encryption

  • Resolved an issue with Symantec File Share Encryption so that users can now successfully right-click and encrypt files on standalone clients. [2901478]
  • Resolved an issue with Symantec File Share Encryption so that users can now successfully remove keys that appear with the name ‘Unknown Key’ from protected folders through the Symantec Encryption Desktop client. [3322907]
     

Symantec Encryption Desktop 10.3.2 MP8 Resolved Issues

General

  • Simplified the license registration process for Symantec Encryption Desktop for Mac OS X so that the Name, Organization, and Email values are no longer required. [3108668]
  • Simplified the license registration process for Symantec Encryption Desktop for Windows so that the Name, Organization, and Email values are no longer required.
     

Messaging

  • Resolved an issue with Symantec Encryption Desktop so that the Subject line is now displayed when users resend bounced email messages directly from Non Delivery Reports (NDRs) if the messages are sent through Microsoft Exchange Server 2010 or Microsoft Exchange Server 2013 and Microsoft Outlook is not running in cached exchange mode. [2475006]
  • Resolved an issue so that attached PGP Zip files are no longer decrypted during email delivery when the body of the email message is unencrypted. [3237233]
  • Resolved an issue so that Non Delivery Reports (NDRs) in Microsoft Outlook running in cached exchange mode now indicate when emails are not delivered to any of the intended recipients due to one or more invalid or missing keys. [3318999]
     

Symantec Drive Encryption

  • Resolved an issue so that the Set default domain (Windows clients only) policy setting in Symantec Encryption Management Server is now enforced correctly in PGP BootGuard during the initial boot. [2965274, 3607647]
  • Resolved an issue with Symantec Drive Encryption so that using the --interactive command line option with the --verify-user option now successfully prompts smart card users to enter their passphrase during key verification. [3551517]
  • Introduced the following fixes and enhancements in PGP BootGuard: [3600547]
     
    • Resolved an issue so that Latin characters are no longer cleared from the password field when users switch to a Cyrillic keyboard layout.
    • Added the ability to use a secondary English (US) keyboard layout at pre-boot authentication. Users can now toggle between the primary keyboard layout and the secondary keyboard layout during pre-boot authentication.
       
  • Resolved an issue with Symantec Drive Encryption so that users can now set the keyboard layout in PGP BootGuard to English (Ireland) and German (Switzerland) from the command line. [3605759]
  • Resolved an issue with Symantec Drive Encryption so that a disk is now successfully unlocked if new users are enrolled immediately after using a Whole Disk Recovery Token (WDRT). [3661905]
  • Resolved an issue with Symantec Drive Encryption so that the default keyboard layout in PGP BootGuard is correctly set to German (Germany) instead of German (Germany) Apple when it is configured through the command line. [3667301]
  • Included passphrase expiry functionality for passphrase users to enhance data security. For information about the passphrase expiry functionality, see “Passphrase expiry policy for passphrase users” under the Documentation Errata section of this document. [3687313]
     

Symantec File Share Encryption

  • Resolved an issue with Symantec File Share Encryption so that users can now edit and save text files using Notepad++ in DFS-shared folders on Microsoft Windows Server 2008 R2 systems without causing data corruption. [3549694]
  • Resolved an issue with Symantec File Share Encryption so that an error message is now displayed if users submit a blank recipient value with the pgpnetshare.exe --encrypt command. [3604798]
  • Resolved a compatibility issue with Symantec File Share Encryption so that drawing files that are saved in DFS-shared folders through Solid Works 2014 are now encrypted successfully. [3624152]
  • Resolved an issue with Symantec File Share Encryption so that link (.lnk) files that have the % character at the end of their file names can now be encrypted, decrypted, and verified successfully through the command line. [3630331]
  • Resolved an issue with Symantec File Share Encryption so that users can now open and extract compressed archives that are located in network shared folders on Microsoft Windows Server 2008 R2 systems. [3635832]
     

Symantec Encryption Desktop 10.3.2 MP7 Resolved Issues

General

  • When you are using Symantec Encryption Desktop with Server Key Mode (SKM) keys, you can now successfully create a new PGP Virtual Disk and mount it automatically at startup. [2750042]
  • Local self-recovery security questions are now displayed properly when your computer is restarted or after it resumes from Sleep mode. [3636319]
  • Resolved incompatibilities with Apple Mac OS X 10.10.1 systems.
  • Resolved an issue with Symantec Encryption Desktop for Mac OS X so that a Master Key is now automatically added to the User Access List for PGP Virtual Disks created from the PGP Disk menu. [2475848]
  • Resolved an issue with Symantec Encryption Desktop for Mac OS X so that after enabling the Do not save my passphrase option (under Preferences), you are no longer prompted for passphrase for reading unencrypted emails only. [3224638]
  • Compatibility with the Mail Drop feature in Mac OS X 10.10.x: When encrypting email, Symantec Encryption Desktop 10.3.2 (MP6/MP7) for Mac OS X does not support the Mail Drop feature that was introduced in Mac OS X 10.10. To keep advised of the status of this issue, subscribe to knowledge base article TECH227453. [3695483]
     

Messaging

  • Resolved an issue that intermittently prevented securing outbound email that could occur when Symantec Desktop Email Encryption and Symantec Drive Encryption were used together, along with certain scripts running as a secondary user who is not enrolled on the system. [3598073]
  • Symantec Encryption Desktop 10.3.2 users can now receive and send emails using Microsoft Outlook on a Microsoft Windows client system with Symantec Norton 360 installed. [3567735]
     

Symantec Drive Encryption

  • Resolved a compatibility issue so that the integrated Broadcom smartcard reader in Dell Latitude E6440 systems now works as expected with PGP BootGuard. [3525880]
  • Added compatibility with the following smart cards so that they work properly with Symantec Encryption Desktop at preboot authentication [3634201, 3481651, 2751791]:

    Oberthur 64K CosmopolIC v5.2
    HID Global Crescendo JCOP 21 version 2.4.1 R2 64K
    Gemalto Cyberflex Access 64K v2c
     

Symantec Encryption Desktop

  • Resolved an issue with Symantec Encryption Desktop so that token-based user enrollment failures are logged when the root Certificate Authority (CA) certificate is not present in the Keys > Trusted Keys tab of the Symantec Encryption Management Server console. [3493890]
  • Resolved an issue so that it is no longer a requirement to install any version of the Java Runtime Environment (JRE) when installing Symantec Encryption Desktop for Mac OS X. [3549107]
     

Symantec File Share Encryption

  • Resolved an issue in Symantec File Share Encryption so that an error message no longer appears when you click Enable Content in encrypted Microsoft Access files that were replicated using Double-Take Availability 7.0.1 from Vision Solutions. [3523546]
  • Resolved a compatibility issue with Adobe Acrobat Pro versions 9 and later so that you can now successfully save files to encrypted shared folders that were replicated using Double-Take Availability 7.0.1 from Vision Solutions, without causing file corruption. [3655853]
     

Symantec Encryption Desktop 10.3.2 MP6 Resolved Issues

General

  • Resolved incompatibilities with Apple Mac OS X 10.10 systems.
     

Symantec Encryption Desktop 10.3.2 MP5 Resolved Issues

General

  • Resolved incompatibilities with Apple Mac OS X 10.9.4 and 10.9.5 systems.
     

Symantec Drive Encryption

  • Resolved an issue so that pgpwded does not unexpectedly terminate when attempting to encrypt an external drive with FileVault when Symantec Encryption Desktop for Mac OS X is installed. [3534235]
  • To enable compatibility with Secure Boot on Microsoft Surface Pro 1 and Surface Pro 2 laptops, download and run the Microsoft Surface Pro UEFI CA OEM PK Tool. Instructions and the download file are available at http://www.microsoft.com/en-us/download/details.aspx?id=41666. Note that this tool can only be run when your system is decrypted and Secure Boot is enabled. [3319192]
  • Resolved a compatibility issue so that the integrated Broadcom smartcard reader in Dell Latitude E6530 systems now works as expected with PGP BootGuard. [3529298]
  • For details on the updated list of the supported smart cards and tokens for the Symantec Drive Encryption administrator keys, refer to the Symantec Knowledgebase article TECH149099. [3583553]
     

Messaging

  • Resolved an issue with Microsoft Outlook/MAPI support in Symantec Encryption Desktop so that offline email policies no longer cause email duplication. [3547567]
  • Resolved an issue so that Microsoft Outlook with cached mode disabled now properly displays the rich text format content of an email for Microsoft Exchange Server 2013 users. [3456553]
     

Symantec Encryption Desktop

  • Resolved an issue with Symantec Encryption Desktop so that token-based user enrollment failures are logged when the root Certificate Authority (CA) certificate is not present in the Keys > Trusted Keys tab of the Symantec Encryption Management Server console. [3493890]
  • Resolved an issue so that it is no longer a requirement to install any version of the Java Runtime Environment (JRE) when installing Symantec Encryption Desktop for Mac OS X. [3549107]
     

Symantec File Share Encryption

  • Resolved an issue with Symantec File Share Encryption so that users can now access the path and user management functions for mounted subfolders of shared, encrypted distributed file system (DFS) folders. [3402457]
  • Resolved an issue with Symantec File Share Encryption so that Symantec Encryption Desktop users can now see the name of the group key that was used to encrypt a shared folder. [3555340, 3572636]
  • Resolved an issue with Symantec File Share Encryption so that the options for adding and deleting users, and for changing users’ roles, are now correctly enabled for group administrators. [3467664]
     

Symantec Encryption Desktop 10.3.2 MP4 Resolved Issues

General

  • Improved some functionality issues and further enhanced the overall security of the application.
     

Symantec Encryption Desktop 10.3.2 MP3 Resolved Issues

Symantec Encryption Desktop

  • Resolved the CVE-2014-3436 vulnerability so that Symantec Encryption Desktop limits decompression while decoding large encrypted email files, which could have led to a denial-of-service attack. Symantec would like to thank Alexander Klink with n.runs professionals GmbH for reporting this issue and working with Symantec as we addressed it. [3493711]
     

Symantec Drive Encryption

  • Resolved an issue so that users can now use the PGP Whole Disk Encryption command line utility to change the keyboard language on the computers that have Symantec Drive Encryption for Mac OS X installed. [3106791]
     

PGP Virtual Disk

  • Resolved an issue with PGP Virtual Disk so that users can successfully create and mount virtual disks and add other users to virtual disks using any Mac OS X operating system languages (including Czech and Russian). [3127279]
  • Resolved an issue so that PGP Virtual Disk does not stop responding when users change their passphrase preferences in Symantec Encryption Desktop for Mac OS X and re-mount the virtual disk. [3400421]
     

File Share Encryption

  • Resolved a compatibility issue with Double-Take Availability 7.0.1 so that Microsoft Access files that are encrypted using Symantec File Share Encryption do not become corrupted. This applies to all supported Microsoft Windows platforms, except Windows 8 (32-bit). [3523815]
  • Resolved an issue so that users can now modify .txt files in shared folders that are encrypted using Symantec File Share Encryption without causing data corruption when the shared folder is viewed simultaneously on the remote file server. This applies to all supported Microsoft Windows platforms, except Windows 8 (32-bit). [3523820]
  • Resolved an issue so that DFS-shared .txt files that are encrypted with Symantec File Share Encryption no longer display garbled data after being modified. [3523825]
     

Symantec Encryption Desktop 10.3.2 MP2 Resolved Issues

General

  • Resolved incompatibilities with Apple Mac OS X 10.9.3 systems.
     

Symantec Encryption Desktop

  • Resolved the CVE vulnerability (CVE-2014-3431) with insecure file handling in world writable locations on Mac OS X. Symantec thanks Aaron Sigel of Apple for reporting this and working with us as we addressed the issue. [3509396]
     

Symantec Drive Encryption

  • Resolved an issue so that users can now successfully enter and confirm the encryption key’s passphrase in the Symantec Encryption Desktop for Mac client to encrypt an external USB drive or to access an encrypted external USB drive. [3276490, 3405795]
  • Resolved an issue so that changing the system date on client computers no longer initializes the auto-decryption process. [3492949]
  • Resolved an issue so that the Symantec Encryption Desktop for Mac OS X client now correctly displays the storage capacity of a drive when it is greater than 2 TB. [3477264]
  • Added compatibility with the following smart cards so that they work properly with Symantec Encryption Desktop at preboot authentication [3508102]:

    ID-One Cosmo v7.0 with Oberthur PIV Applet Suite 2.3.2
    Giesecke & Devrient SmartCafe Expert 80K DI v3.2
    Giesecke & Devrient SmartCafe Expert 144K DI v3.2
    Gemalto TOP DL GX4 144K FIPS
     
  • Resolved an issue so that the Symantec Encryption Desktop client now correctly displays the storage capacity of a drive when it is greater than 2 TB. [3272070]

     

Symantec Encryption Desktop 10.3.2 MP1 Resolved Issues

Messaging

  • Resolved an issue so that users can now send S/MIME encrypted email messages from Symantec Encryption Desktop when only the keyEncipherment flag is enabled in the certificate. [3250866]
     

Symantec Encryption Desktop

  • Resolved incompatibilities with Apple Mac OS X 10.9.2 systems.
  • Resolved an issue so that the lsass.exe process does not terminate abruptly with an error message about the PGPsdk.dll file. [2898169]
  • Resolved an issue so that Symantec Encryption Desktop now logs only one event when Symantec Endpoint Encryption Removable Storage is also installed on the same computer. [3153572]
  • Resolved an issue so that PGP Zip now successfully opens and decrypts files when the word "message" or "attachment" is included in the file name. [3193714, 3206141]
  • Resolved an issue so that the PGPtray process does not terminate unexpectedly at user enrollment on Microsoft Windows 7 systems when folder redirection is enabled. [3243735]
  • Resolved the CVE vulnerability (CVE-2014-1646) with a memory read access violation when attempting to parse certain malformed files that could result in an application crash or potential arbitrary code execution with application privileges. Symantec thanks Jeremy Brown (jerbrown) of ReSP working through Microsoft Vulnerability for reporting this and working with us as we addressed it. [3452808]
     

Symantec Drive Encryption

  • Resolved an issue so that users can now add newly created user keys to an external storage device that has an Additional Decryption Key (ADK). [3076950]
  • Resolved an issue with Symantec Encryption Desktop so that single sign-on (SSO) passphrases on Microsoft Windows 7 computers are now synchronized at log on, if users are required to specify a Domain Name System (DNS) or User Principal Name (UPN) domain. [3299738]
  • Resolved an issue so that users cannot bypass PGP BootGuard when the bypass feature is disabled. [3304044]
  • Added compatibility with Giesecke and Devrient [email protected] Café Expert 5.0 smart card for pre-boot authentication. [3407936]
     

Symantec Encryption Desktop 10.3.2 Resolved Issues

Installation/Upgrade

  • Symantec Drive Encryption for Linux now installs successfully on new installations of Ubuntu 12.04.2 LTS, in addition to when it is installed as an upgrade from a previous Ubuntu version. [3133115]
  • The Single Sign-On (SSO) feature now works correctly for Symantec Drive Encryption on systems running Microsoft Windows 7, following the upgrade of Symantec Encryption Desktop from 9.12 to 10.3. [3318277]
  • Resolved an issue so that the Imation IronKey D200 and IronKey D250 devices remain writable after upgrading Symantec Encryption Desktop from version 10.2 to 10.3, rebooting the system, and logging in with different user accounts, when the User Account Control (UAC) is not at the highest level. [3274328]
     

Messaging

  • Resolved an issue so that users can now successfully send PDF files through email using Adobe Reader without any duplication in the Sent Items folder of Microsoft Outlook. [3318269]
  • Emails sent according to the Symantec Encryption Management Server offline mail policy option ‘Send clear’ are now saved in the Sent Items folder of Microsoft Outlook. [3318678]
  • Resolved an issue so that Lotus Protector for Mail Encryption Server 2.1.1 no longer produces the Invalid UTF-8 character errors due to delivery failure codes received from the recipient mail server for outbound and bounced emails. [3311603]
  • Resolved an issue so that users do not encounter the Invalid UTF-8 character error while replying to emails using an Apple iOS device, which is integrated with Lotus Protector for Mail Encryption Client 2.1.1 using IBM Notes Traveler. [3311598]
  • Symantec Desktop Email Encryption now supports MAPI email on Microsoft Windows 8 64-bit systems with Secure Boot enabled. [3249601]
  • Resolved an issue so that users can now successfully copy or move large numbers of emails from folders to a shared mailbox using Microsoft Outlook 2010 64-bit. [3318276]
     

Symantec Encryption Desktop

  • Avira Antivirus Suite 2014 v14 is now compatible with Symantec Encryption Desktop and no longer deactivates email scanning or encryption/decryption. [2464094]
     

Symantec Drive Encryption

  • Symantec Drive Encryption is now compatible with the Thunderbolt interface on Mac OS X systems. [2535344]
  • Resolved an issue so that a Symantec Encryption Desktop-encrypted Macintosh system boots properly after the system is upgraded to Apple Mac OS X 10.8.4. [3318283]
  • Resolved an issue with Symantec Drive Encryption for Mac OS X so that attempted encryption of unsupported partition types no longer produces PGPError #-1. [3318262]
  • Resolved an issue with HP EliteBook 8570w and HP EliteBook 8570p running Red Hat Enterprise Linux 6.2 so that the system reboots properly after encrypting a drive. [3318282]
  • Resolved an issue with HP EliteBook 8570w and HP EliteBook 8770w running Red Hat Enterprise Linux 6.4 so that the system reboots properly after encrypting a drive. [3318293]
  • Resolved an issue with Symantec Drive Encryption so that encryption does not pause but proceeds normally on NTFS-formatted removable disks. [2957602]
  • Resolved an issue with Symantec Drive Encryption so that USB drives with NTFS-formatted boot records now encrypt without stopping. [3318265]
  • Resolved an issue so that the WDE Admin Passphrase remains intact on an encrypted fixed drive of a managed client when the drive is plugged into another managed client through a USB interface. [3318273]
  • Resolved an issue with Symantec Drive Encryption so that when SSO is enabled on a Microsoft Windows 7 64-bit system that is using a simple PGP BootGuard log-in screen, SSO now works correctly for all enrolled users, not just for the first user. [3116309]
  • Resolved an issue so that the memory.dmp file is created on encrypted boot drives of Toshiba Portege R700 and Toshiba Portege Z830 systems installed with Microsoft Windows 7, after a blue screen error occurs. [3318290]
  • Symantec Drive Encryption no longer requires manual activation of the keyboard on a Microsoft Surface Pro system to authenticate in pre-boot. [3210746]
  • Symantec Drive Encryption now supports GUID Partition Table (GPT) formatting on Microsoft Windows 7 64-bit systems and Windows 8.1 64-bit systems, running in UEFI mode. [2692579]
  • Resolved an issue with Symantec Drive Encryption to achieve a significantly faster resume time from hibernation following disk encryption. [2792203]
  • Resolved an issue with Symantec Drive Encryption so that the ‘fast startup’ option now works with SSO on Microsoft Windows 8/8.1 systems running in UEFI mode. [3234682]
     

Symantec File Share Encryption

  • Resolved an issue where a TXT file, exported from the SAP GUI into a Symantec File Share Encryption folder in a Microsoft Distributed File System (DFS), is now encrypted and contains no empty lines or null characters. [3318263]
  • Resolved an issue so that Symantec File Share Encryption does not create unnecessary network traffic caused by PGPfsshl.dll when the Symantec File Share Encryption feature is disabled on the Default Consumer policy. For more information see this article: http://www.symantec.com/docs/TECH210530. [3318285]