Bug fixes
DriveLock 2025.2 is a major version.
This chapter contains information on errors that have been fixed with DriveLock version 2025.2. Our External Issues (EI) numbers, if available, serve as a reference.
|
Reference |
Application Control (AC) |
|---|---|
|
EI-3065 |
Application Behavior Control (ABC): Fixed a bug that caused certain ABC rules to trigger unexpected behavior in some programs. |
| BitLocker Management (BLM) | |
|---|---|
|
The 'Export certificate' task created incorrect file names when exporting encryption certificates from a BitLocker management policy. |
|
|
Fixed a bug where encryption was not paused for logged-on users, even though the corresponding option was enabled in the policy. |
|
|
EI-2880 |
After temporarily deactivating a data partition encrypted with BitLocker, the PBA status was displayed as 'suspended' although the BitLocker PBA was still active. |
|
In some cases, the password input field for setting a new BitLocker password was automatically pre-assigned without prompting. |
|
|
EI-3025 |
In rare cases, BitLocker encryption was canceled with the error "The system could not find the specified file". |
|
EI-2969 |
Fixed a bug that occurred when accessing BitLocker recovery data on computers when the DOC account had the 'Encryption Officer' role but it was restricted to a DriveLock group. |
|
During the decryption of BitLocker-encrypted partitions, event 658 (BitLocker encryption suspended) was reported in some cases. |
|
|
EI-3037 |
Fixed a bug that made it impossible to reset the BitLocker password via the DOC. |
|
During BitLocker To Go encryption of external drives, a Windows dialog with a progress bar was displayed in some cases, which could be used to perform further actions. The display of this dialog is now prevented. |
| Device Control (DC) | |
|---|---|
|
When creating device rules for some events (e.g. Event ID 120), it happened that the information from the event parameters (e.g. hardware ID) was not correctly transferred to the rule. |
|
|
In the DOC under Security Controls -> Drives -> Events, the display for event 120: Serial interface locked was missing. |
|
|
Fixed a blue screen when renaming to controlled USB data carriers (in the event of a name conflict with an existing file). |
|
|
EI-2996 |
Fixed an issue that caused a system crash (Blue Screen) when moving files into or out of subfolders if a file with the same name already existed in the target directory. |
|
Renaming a permitted non-archive file to an archive file is now blocked as this is a content conflict. |
|
|
EI-2954 |
The content check for NTFS Alternate Data Streams (ADS) has been corrected. Known ADS can now be checked via user-defined file type definitions in the format ':ADS name'. Without such a definition, ADS will not be blocked. Only the file name of the main data stream is relevant for extension blocking. |
|
Fixed a bug that caused certain .MP4 files to be incorrectly blocked even though this file type was allowed according to the configured file type definitions. The recognition of .MP4 files has been extended accordingly. |
|
|
Fixed a bug where Windows/AD groups used in DriveLock groups were not applied correctly in drive permissions. |
|
|
EI-2998 |
For drive and device rules, the timestamp of the last event in the device list was sometimes displayed incorrectly or not at all - especially for rules with many entries. |
| Disk Protection | |
|---|---|
|
In some cases, the title bar of some encryption dialogs was not displayed correctly. |
|
|
EI-3030 |
The status of partitions encrypted with Disk Protection was displayed as 'suspended' in the DOC, although encryption was active. |
| DriveLock Agent | |
|---|---|
|
EI-2994 |
A blue screen could occur when files on drives controlled by DriveLock were renamed without a file extension and has been fixed. |
|
EI-3057 |
When starting the DriveLock Agent, the license check could lead to a crash in rare cases. |
|
EI-2980 |
Fixed a bug that caused agents to display license warnings even though a valid license was available. |
|
Reference |
DriveLock Enterprise Service (DES) |
|---|---|
|
Fixed listing of recovery data when the option "only last entry per computer" was selected (MMC, FDE Recovery Wizard). |
|
|
Fixed a cross-site scripting (XSS) vulnerability that occurred during data export. |
|
|
The EntraID functionality in the server now uses the proxy configured in the server settings (backend). |
|
|
When querying events via the API, not all properties were returned if the query parameter 'select' was empty. |
|
|
Fixed an issue that caused problems when renaming cloned computers with an active Join or Identity Token. In addition, the behavior when renaming master images has been optimized. |
|
Reference |
DriveLock Management Console |
|---|---|
|
EI-2977 |
In the taskpad view for the global settings in the DMC, some tasks opened an incorrect configuration dialog. |
|
EI-3028 |
Adding the serial number of a connected Android smartphone to a whitelist rule no longer worked - the serial number was not transferred. |
|
When resetting a policy version, the publication comment is now reliably removed and no longer incorrectly retained. |
|
Reference |
DriveLock Operations Center (DOC) |
|---|---|
|
EI-2982 |
When exporting from rules, all contained drives or devices are now taken into account - not just the selected ones. |
|
Some events (524-529) were incorrectly moved from Drives -> Polling/Shadow Copies to Devices -> Polling/Shadow Copies. |
|
|
Various events were missing in the DOC under Encryption -> Events, which should have been visible there. |
|
|
After suspending BitLocker encryption for a certain period of time, the DOC no longer displayed when encryption would be reactivated. |
|
|
EI-2998 |
Fixed a bug where the timestamp of the last use of drive rules was not displayed correctly in the DOC. |
|
EI-3062 |
Fixed an issue that occurred when setting role properties. |
|
EI-3024 |
Operating several linked DES servers no longer leads to MQTT connection problems. |
|
Reference |
DriveLock Pre-Boot Authentication |
|---|---|
|
After completing the re-encryption with the DriveLock PBA, the message that all drives were encrypted was not displayed. |
|
|
If a manual restart was specified in the policy, the installation of the DriveLock PBA could be faulty. |
|
Reference |
Encryption 2-Go |
|---|---|
|
When using a rule for forced encryption with configured free space on the target medium, the size of a new container was not calculated correctly. |
|
|
EI-1966 |
Fixed a bug where the password recovery wizard for Encryption 2-Go containers was not started from the mount dialog of the Mobile Encryption Application (MEA). |
|
Reference |
File Protection (FFE) |
|---|---|
|
Fixed a bug that prevented the creation of a centrally managed encrypted folder via the agent user interface. |
|
|
In DOC, it was not possible to replace a certificate with another one for File Protection users if it had expired, for example. In addition, expired validity is now indicated by red lettering. |