Bug fixes
DriveLock 2025.1 is a major version.
This chapter contains information on errors that have been fixed with DriveLock version 2025.1. Our External Issues (EI) numbers, if available, serve as a reference.
Please note that some issues may cause a change in product behavior when you install the update. Before updating, make sure to check your settings to see if your existing environment is affected. The issues are labeled with the following icon 
| Application Control (AC) | |
|---|---|
|
EI-2886 |
When setting the property "Duration of the earning phase for local learning" in the DriveLock Management Console (DMC), the set value was displayed incorrectly in the list - e.g. "604800 days" instead of "7 days". |
|
EI-2653 |
A workaround has been found for a bug in the Omnissa Horizon Client's anti-keylogger driver that prevented the Horizon Client from starting when AC was active. |
| BitLocker Management (BLM) | |
|---|---|
|
EI-2970 |
BitLocker recovery keys in the DOC were not readable for some administrators. This issue has been fixed. |
|
In rare cases, recovery data saved locally for uploading to the DES was either not created or was removed after creation. As a result, triggering a new upload process in the DOC also failed. |
|
|
After resuming a delayed encryption, it was possible that external hard disks were also encrypted. |
|
|
EI-2873 |
Assigning a BLM license alone caused changes to BitLocker policies in Windows, which could interfere with the functionality of an existing BitLocker management solution in certain scenarios. |
|
After installing the DriveLock PBA and encrypting the system partition, BitLocker encryption was deactivated until the next reboot. |
|
|
The recovery of BitLocker and BitLocker To Go via the API now works again if the recovery data is referenced via a Protector ID. |
|
Reference |
BitLocker To Go |
|---|---|
|
Some icons were missing in the context menu of the agent (BitLocker To Go). |
|
|
Event 111 was also reported if an empty SD card reader was present and BitLocker To Go was configured with forced encryption. |
| Database | |
|---|---|
|
EI-2919 |
Fixed an issue where the license evaluation in the DOC could lead to database locks if the server was under high load. |
| Device Control (DC) | |
|---|---|
|
EI-2971 |
Fixed an issue where uncontrolled MTP devices were blocked by Device Control. |
|
For devices with multiple hardware IDs, all but the first ID were ignored. |
|
|
In previous versions the rename of a file was only blocked in cases where the allowed file was renamed to a blocked extension. This has been enhanced to avoid turning allowed files into blocked files: if a rename would produce a content mismatch it is blocked and undone. |
|
|
When creating a device rule in the DMC, only the first compatible ID was applied when browsing for an installed device. The other compatible IDs were ignored. |
|
|
If enforced encryption with Encryption 2-Go or BitLocker To Go had not been set, the 'Encrypt' entry was not displayed in the context menu for this drive. |
|
|
Fixed performance issues (e.g. no reaction or computer crash) caused by repeated opening and thus repeated scanning of the same file in the context of a single user call. |
|
|
Changes in the context of copy/read/write/rename/etc requests that trigger a content scan after these changes to the file have already been applied and as a scan result are undesired are now undone more reliably. |
|
Reference |
DriveLock Enterprise Service (DES) |
|---|---|
|
EI-2907 |
Fixed an issue that occurred when sending emails if the text contained line breaks. This mainly affected the sending of notification e-mails for third-party events from the server. |
|
EI-2853 |
Fixed an issue where adding a drive or device to a rule was not correctly displayed as the last action for the drive or device. |
|
EI-2900 |
The evaluation of license usage for computers that were deleted via the API has been corrected. |
|
Changes to the log level via the DesTray only affect the currently running DES service. To apply the settings permanently, please use the option in the DOC under Backend -> Server -> General -> Debug tracing |
|
|
EI-2964 |
Fixed an issue that occurred while using the certificate for sending data to the syslog server. |
|
Reference |
DriveLock Management Console (DMC) |
|---|---|
|
EI-2823 |
The DMC did not remove spaces from the vendor and product ID when reading local drives for drive rules. |
|
Reference |
DriveLock Operations Center (DOC) |
|---|---|
|
When editing an existing policy assignment, no other policy could be selected if the 'Policy type' column had not previously been displayed. |
|
|
EI-2856 |
In the DOC, the 'Encryption' entry was missing in the navigation menu if only BitLocker 2 Go was available as an encryption module in the license. |
|
There is no longer a size limit for exporting lists, which means that even very large lists can now be exported. |
|
Reference |
DriveLock Pre-Boot Authentication |
|---|---|
|
EI-2799 |
The challenge/response code for the PBA emergency login without user name remained the same after use if the SSO policy was disabled. This behavior has been corrected. |
|
Reference |
Encryption 2-Go |
|---|---|
|
EI-2757 |
Unencrypted access to drives was only enabled until the following configuration update. |
|
Reference |
File Protection (FFE) |
|---|---|
|
EI-2681 |
Fixed a cache management issue in the old FFE format that caused a sharing violation with the Foxit PDF Creator snap-in. |
|
EI-2911 |
Fixed a performance issue when logging into an RDP terminal server session in combination with FSLogix. |
|
If the FFE mode "Old format" is used in Windows 11 24H2, older DriveLock versions generate a BSOD in FltMgr.sys when accessing encrypted folders. This BSOD is triggered by the DL FFE driver and has been fixed. (Microsoft says that the change they didn't catch was already added in Windows 11 22H2, but we're only seeing the BSOD with Windows 11 24H2). To avoid errors due to future extensions of the Windows structure FSRTL_ADVANCED_FCB_HEADER, we now stick to a version of this structure that meets our requirements. |