Windows 10 Threshold 2 (1511, Build 10.0.10586) Introduces changes in how Microsoft manages cached credentials. There were modifications with the Local Security Authority Subsystem Service (LSASS) that resulted in changes in when it requested cached credentials from the Operating System.
Dell Data Protection | Encryption
Dell Data Protection | Encryption has the ability to encrypt cached credentials to limit attack vectors on the machine based on the policy titled "Block Unmanaged Access to Domain Credentials". When this policy is enabled and Dell Data Protection | Encryption is installed on Windows 10 Threshold 2, we encounter a condition where LSASS requests cached credentials before our service is able to load. This causes encrypted data to be fed to the OS from registry. Windows interprets this as bad or tampered data and causes a BSOD. This BSOD may happen extremely quickly and look like a reboot.
To prevent this from occurring on systems with Windows 10 Threshold 2 and the Dell Data Protection | Encryption client, you will need to disable the "Block Unmanaged Access to Domain Credentials" policy at the enterprise level. The Dell Data Protection | Encryption client has further functionality that makes any vulnerabilities this opens extremely difficult to exploit.
8.7.1 is live and contains a work-around for this issue.
For support, US-based customers may contact Dell Data Security ProSupport at 877.459.7304, Option 1, Ext. 4310039, or via the Chat Portal. To contact support outside the US, reference ProSupport’s International Contact Numbers. For additional insights and resources, visit the Dell Security Community Forum.
Article ID: SLN300462
Last Date Modified: 06/26/2018 12:36 PM
Thank you for your feedback.