Windows 10 Threshold 2 (1511, Build 10.0.10586) Introduces changes in how Microsoft manages cached credentials. There were modifications with the Local Security Authority Subsystem Service (LSASS) that resulted in changes in when it requested cached credentials from the Operating System.
Dell Data Protection | Encryption
Dell Data Protection | Encryption has the ability to encrypt cached credentials to limit attack vectors on the machine based on the policy titled "Block Unmanaged Access to Domain Credentials". When this policy is enabled and Dell Data Protection | Encryption is installed on Windows 10 Threshold 2, we encounter a condition where LSASS requests cached credentials before our service is able to load. This causes encrypted data to be fed to the OS from registry. Windows interprets this as bad or tampered data and causes a BSOD. This BSOD may happen extremely quickly and look like a reboot.
To prevent this from occurring on systems with Windows 10 Threshold 2 and the Dell Data Protection | Encryption client, you will need to disable the "Block Unmanaged Access to Domain Credentials" policy at the enterprise level. The Dell Data Protection | Encryption client has further functionality that makes any vulnerabilities this opens extremely difficult to exploit.
8.7.1 is live and contains a work-around for this issue.
For additional support, US based customer can call Dell Data Security ProSupport at: 877.459.7304 Ext. 4310039 or you may also contact us via the Chat Portal. For support outside the US, reference ProSupport’s International Contact Numbers list. Visit the Dell Security Community Forum to get insights from other community members and additional resources to help you manage your environment.
Article ID: SLN300462
Last Date Modified: 01/30/2018 08:37 AM