Windows 10 Threshold 2 (1511, Build 10.0.10586) Introduces changes in how Microsoft manages cached credentials. There were modifications with the Local Security Authority Subsystem Service (LSASS) that resulted in changes in when it requested cached credentials from the Operating System.
Dell Data Protection | Encryption
Dell Data Protection | Encryption (DDPE) has the ability to encrypt cached credentials to limit attack vectors on the machine based on the policy titled "Block Unmanaged Access to Domain Credentials". When this policy is enabled and Dell Data Protection | Encryption is installed on Windows 10 Threshold 2, we encounter a condition where LSASS requests cached credentials before our service is able to load. This causes encrypted data to be fed to the OS from registry. Windows interprets this as bad or tampered data and causes a BSOD. This BSOD may happen extremely quickly and look like a reboot.
To prevent this from occurring on systems with Windows 10 Threshold 2 and the Dell Data Protection | encryption client, you will need to disable the "Block Unmanaged Access to Domain Credentials" policy at the enterprise level. The Dell Data Protection | Encryption client has further functionality that makes any vulnerabilities this opens extremely difficult to exploit.
8.7.1 is live and contains a work-around for this issue.
For any questions/concerns, please call Dell Data Protection ProSupport at: 877.459.7304 Ext. 4310039. For support outside the US, reference ProSupport’s International Contact numbers list. You can also join us on our Dell Security Community Forum.
Article ID: SLN300462
Last Date Modified: 02/27/2017 10:26 AM