Databáza poznatkov

Reboot loops in Windows 10 Threshold 2 after installing Dell Data Protection Encryption


Windows 10 Threshold 2 (1511, Build 10.0.10586) Introduces changes in how Microsoft manages cached credentials. There were modifications with the Local Security Authority Subsystem Service (LSASS) that resulted in changes in when it requested cached credentials from the Operating System.


Affected Products:

Dell Data Protection | Encryption


Dell Data Protection | Encryption has the ability to encrypt cached credentials to limit attack vectors on the machine based on the policy titled "Block Unmanaged Access to Domain Credentials". When this policy is enabled and Dell Data Protection | Encryption is installed on Windows 10 Threshold 2, we encounter a condition where LSASS requests cached credentials before our service is able to load. This causes encrypted data to be fed to the OS from registry. Windows interprets this as bad or tampered data and causes a BSOD. This BSOD may happen extremely quickly and look like a reboot.



To prevent this from occurring on systems with Windows 10 Threshold 2 and the Dell Data Protection | Encryption client, you will need to disable the "Block Unmanaged Access to Domain Credentials" policy at the enterprise level. The Dell Data Protection | Encryption client has further functionality that makes any vulnerabilities this opens extremely difficult to exploit.

8.7.1 is live and contains a work-around for this issue.


For support, US-based customers may contact Dell Data Security ProSupport at 877.459.7304, Option 1, Ext. 4310039, or via the Chat Portal. To contact support outside the US, reference ProSupport’s International Contact Numbers. For additional insights and resources, visit the Dell Security Community Forum.


Identifikátor článku: SLN300462

Dátum poslednej zmeny: 06/26/2018 12:36 PM


Ohodnotiť tento článok

Presné
Užitočné
Jednoducho pochopiteľné
Bol pre vás tento článok užitočný?
Áno Nie
Pošlite nám pripomienky.
Poznámky nemôžu obsahovať nasledujúce špeciálne znaky: <>()\
Ľutujeme, náš systém odosielania pripomienok je momentálne nefunkčný. Skúste znova neskôr.

Ďakujeme vám za pripomienky.