知識庫

Reboot loops in Windows 10 Threshold 2 after installing Dell Data Protection Encryption


Windows 10 Threshold 2 (1511, Build 10.0.10586) Introduces changes in how Microsoft manages cached credentials. There were modifications with the Local Security Authority Subsystem Service (LSASS) that resulted in changes in when it requested cached credentials from the Operating System.


Affected Products:

Dell Data Protection | Encryption


Dell Data Protection | Encryption (DDPE) has the ability to encrypt cached credentials to limit attack vectors on the machine based on the policy titled "Block Unmanaged Access to Domain Credentials". When this policy is enabled and Dell Data Protection | Encryption is installed on Windows 10 Threshold 2, we encounter a condition where LSASS requests cached credentials before our service is able to load. This causes encrypted data to be fed to the OS from registry. Windows interprets this as bad or tampered data and causes a BSOD. This BSOD may happen extremely quickly and look like a reboot.



To prevent this from occurring on systems with Windows 10 Threshold 2 and the Dell Data Protection | encryption client, you will need to disable the "Block Unmanaged Access to Domain Credentials" policy at the enterprise level. The Dell Data Protection | Encryption client has further functionality that makes any vulnerabilities this opens extremely difficult to exploit.

8.7.1 is live and contains a work-around for this issue.


For any questions/concerns, please call Dell Data Protection ProSupport at: 877.459.7304 Ext. 4310039. For support outside the US, reference ProSupport’s International Contact numbers list. You can also join us on our Dell Security Community Forum.


文章 ID: SLN300462

上次修改日期: 02/27/2017 10:26 AM


為本文評分

準確
實用
易懂
這篇文章對您有用嗎?
傳送意見反應
評語中不得包含下列特殊字元:<>()\
很抱歉,我們的意見回饋系統目前關閉中。請稍後再試。

感謝您的寶貴意見。