Users Guide
Table Of Contents
- Dell Encryption Personal Technical Advisories v11.1
- Contents
- Technical Advisories
- Contact Dell ProSupport
- New Features and Functionality v11.1
- Resolved Security Advisories v11.1
- Resolved Technical Advisories v11.1
- Technical Advisories v11.1
- New Features and Functionality v11.0
- Resolved Security Advisories v11.0
- Resolved Technical Advisories v11.0
- Technical Advisories v11.0
- New Features and Functionality v10.10
- Resolved Security Advisories v10.10
- Resolved Technical Advisories v10.10
- Technical Advisories v10.10
- New Features and Functionality v10.9
- Resolved Security Advisories v10.9
- Resolved Technical Advisories v10.9
- Technical Advisories v10.9
- New Features and Functionality v10.8
- Resolved Security Advisories v10.8
- Resolved Technical Advisories v10.8
- Technical Advisories v10.8
- New Features and Functionality v10.7
- Resolved Technical Advisories v10.7
- Technical Advisories v10.7
- New Features and Functionality v10.6
- Resolved Technical Advisories v10.6
- Technical Advisories v10.6
- New Features and Functionality v10.5
- Resolved Technical Advisories v10.5
- Technical Advisories v10.5
- New Features and Functionality v10.4
- Resolved Technical Advisories v10.4
- Technical Advisories v10.4
- New Features and Functionality v10.3
- Resolved Technical Advisories v10.3
- Technical Advisories v10.3
- New Features and Functionality v10.2.1
- Resolved Technical Advisories v10.2.1
- Technical Advisories v10.2.1
- New Features and Functionality v10.2
- Resolved Technical Advisories v10.2
- Technical Advisories v10.2
- New Features and Functionality v10.1
- Resolved Technical Advisories v10.1
- Technical Advisories v10.1
- New Features and Functionality v10.0.1
- Resolved Technical Advisories v10.0.1
- Technical Advisories v10.0.1
- New Features and Functionality v10.0
- Resolved Technical Advisories v10.0
- Technical Advisories v10.0
- New Features and Functionality v8.18
- Resolved Technical Advisories v8.18
- Technical Advisories v8.18
- New Features and Functionality v8.17.2
- Resolved Technical Advisories v8.17.2
- Technical Advisories v8.17.2
- New Features and Functionality v8.17.1
- Resolved Technical Advisories v8.17.1
- Technical Advisories v8.17.1
- New Features and Functionality v8.17
- Resolved Technical Advisories v8.17
- Technical Advisories v8.17
- New Features and Functionality v8.16
- Resolved Technical Advisories v8.16
- Technical Advisories
- New Features and Functionality v8.15
- Resolved Technical Advisories v8.15
- Technical Advisories v8.15
- New Features and Functionality v8.13
- Resolved Technical Advisories v8.13
- Technical Advisories v8.13
- New Features and Functionality v8.12
- Resolved Technical Advisories v8.12
- Technical Advisories v8.12
- Resolved Technical Advisories v8.11
- Technical Advisories v8.11
- New Features and Functionality v8.10.1
- Resolved Technical Advisories v8.10.1
- Technical Advisories v8.10.1
- New Features and Functionality v8.10
- Resolved Technical Advisories v8.10
- Technical Advisories v8.10
- Resolved Technical Advisories v8.9.1
- Resolved Technical Advisories v8.9
- Technical Advisories v8.9
- Resolved Technical Advisories v8.7.1
- New Features and Functionality v8.7
- Resolved Technical Advisories v8.7
- Technical Advisories v8.7
- New Features and Functionality v8.6.1
- Resolved Technical Advisories v8.6.1
- New Features and Functionality v8.6
- Resolved Technical Advisories v8.6
- Technical Advisories v8.6
- Resolved Technical Advisories v8.5.1
- Resolved Technical Advisories v8.5
- Technical Advisories v8.5
- New Features and Functionality v8.4.1
- Resolved Technical Advisories v8.4.1
- Technical Advisories v8.4.1
- Resolved Technical Advisories v8.4
- Technical Advisories v8.4
- New Features and Functionality v8.3.2
- Resolved Technical Advisories v8.3.2
- Technical Advisories v8.3.2
- New Features and Functionality v8.3.1
- Resolved Technical Advisories v8.3.1
- New Features and Functionality v8.3
- Resolved Technical Advisories v8.3
- Technical Advisories v8.3
- New Features and Functionality v8.2.1
- Resolved Technical Advisories v8.2.1
- Technical Advisories v8.2.1
- New Features and Functionality v8.2
- Technical Advisories v8.2
- Resolved Technical Advisories v8.1.1
- New Features and Functionality v8.1
- Resolved Technical Advisories v8.1
- Technical Advisories v8.1
- Resolved Technical Advisories v8.0.1
- Resolved Technical Advisories v8.0
- Technical Advisories v8.0
- Technical Advisories v7.7
- Resolved Technical Advisories v7.2.3
- Technical Advisories v7.2.3
- Technical Advisories v7.2.1
- Technical Advisories v7.2
- Workarounds
- Software and Hardware Compatibility
● During a command line uninstall, the installer will not download the encryption keys for the computer unless Silent mode
is specified using the parameter CMGSILENTMODE=1. To work around this issue, specify CMGSILENTMODE=1 in the
command. [27979]
● All registry keys and installation files are not removed after uninstallation. [28219]
● After uninstallation, logon with cached credentials occasionally fails when the computer is not connected to the network.
During uninstallation, the cached credentials are decrypted. If this decryption fails for any reason, the user will not be able
to login while disconnected from the network. To work around this issue, reconnect to the network and log on to cache the
credentials. [28277]
● The encryption icon that indicates that a drive is encrypted does not display when a drive has been encrypted using HCA.
[28400]
● During an attended (non-silent) upgrade from v8.1, the installer does not prompt the user to confirm that the upgrade is
desired before continuing the installation. [28574]
● Preboot Authentication uses a "Basic" disk partition and cannot be converted to "Dynamic" partition (for RAID arrays).
Attempts to convert the partition will result in the PBA not being created or the PBA not starting. [28587]
● After partial decryption recovery on a computer with an HCA card, the local Dell Data Protection | Encryption console
may display duplicate information about local disks. To work around this issue, reboot the computer. After the restart, disk
information displays properly. [28656]
● After installation of Enterprise Edition, the Microsoft Usbccid Smartcard Reader is intermittently reported as being in a
problem state in Device Manager. However, smart cards and fingerprints seem to function normally. Dell ControlVault relies
on the Microsoft Usbccid drivers. A premier case has been opened with Microsoft regarding this issue. [28697]
● Decryption on computers with HCA cards removes Preboot Authentication, which must be reinstalled. At the next logon,
both an Encryption Administrator Password prompt and a Security Tools shutdown message display. When the computer is
shut down, PBA activation begins. However, provisioning will be completed only after a subsequent reboot and entry of the
Encryption Administrator Password. [28722]
● Infrequently, after HCA policy is set, the Preboot Authentication screen does not display until the computer is restarted a
second time. [28762]
● Support for migrating the Personal Edition HCA preboot environment into Enterprise Edition is not available in v8.3. [28794]
● After encryption is enabled, the computer intermittently logs a Critical System Event 41 in the System Event Logs with this
description: "The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped
responding, crashed, or lost power unexpectedly." The issue occurs only during a reboot and does not impact the security of
the data or the performance of the computer. [28795]
● Amended 12/2014 - Secure Boot is a Unified Extensible Firmware Interface (UEFI) protocol that Windows 8 and 8.1 users
can enable in the computer's BIOS to ensure that the computer boots using trusted firmware signed by the computer
manufacturer. The feature is not supported when the following conditions are met:
○ HCA with Dell Data Protection | Security Tools installed
○ HCA with Dell Data Protection | Encryption installed
○ HCA with Dell Data Protection | Security Tools and Dell Data Protection | Encryption installed
To upgrade to Windows 8 or 8.1 on a Dell computer with SED or HCA, Secure Boot cannot be enabled in BIOS. The
Secure Boot setting is disabled by default for computers shipping with Windows 7 or Windows 8/8.1 Downgrade Rights.
This setting should not be changed.
Instructions:
1. Turn on the power to your Dell computer. If the computer is already powered on, reboot it.
2. Press F2 or F12 continuously during boot until a message displays at the upper right of the screen that is similar to
"preparing to enter setup" (F2) or "preparing one-time boot menu" (F12). This launches the system BIOS.
3. In Setting > General > Boot Sequence, ensure that the Legacy Boot List Option is selected.
4. In Settings > General > Advanced Boot Options, ensure that the Enable Legacy Options ROMs check box is selected.
5. In Settings > Secure Boot > Secure Boot Enable, ensure that the Secure Boot Enable selection is Disabled.
6. Apply the changes.
7. Now that the computer BIOS has been changed to a legacy boot mode, the computer must be re-imaged.
[28790]
● When running Windows 7, a computer that is HCA encrypted may not boot in Windows Safe Mode. [28819]
● When using EMS Explorer, cutting and pasting a file does not remove the file from its original location. [28848]
● After an upgrade from v8.2 to v8.3, the v8.2 Dell Data Protection | Encryption installer remains on the computer. [28885]
● During an SDE encryption sweep, although the disk is only partially encrypted based on the progress of the sweep, the
Security Console Encryption screen shows the disk as Protected. [28888]
● Fingerprints and smart cards stop working after the Port Control System policy to disable USB ports is applied. Broadcom
USH hardware is a USB-attached device. When the policy to disable USB ports is applied, it prevents data transmission
to and from the Broadcom USH hardware, which prevents users from logging on with fingerprints or smart cards. The
Technical Advisories
55