Users Guide
Table Of Contents
- Dell Endpoint Security Suite Enterprise Technical Advisories v3.0
- Contents
- Technical Advisories
- Contact Dell ProSupport
- New Features and Functionality v3.0
- Resolved Security Advisories v3.0
- Resolved Technical Advisories v3.0
- Technical Advisories v3.0
- New Features and Functionality v2.9
- Resolved Security Advisories v2.9
- Resolved Technical Advisories v2.9
- Technical Advisories v2.9
- New Features and Functionality v2.8
- Resolved Security Advisories v2.8
- Resolved Technical Advisories v2.8
- Technical Advisories v2.8
- New Features and Functionality v2.7
- Resolved Technical Advisories v2.7
- Technical Advisories v2.7
- New Features and Functionality v2.5
- Resolved Technical Advisories v2.5
- Technical Advisories v2.5
- New Features and Functionality v2.4
- Resolved Technical Advisories v2.4
- Technical Advisories v2.4
- New Features and Functionality v2.3
- Resolved Technical Advisories v2.3
- Technical Advisories v2.3
- New Features and Functionality v2.2.1
- Resolved Technical Advisories v2.2.1
- Technical Advisories v2.2.1
- New Features and Functionality v2.2
- Resolved Technical Advisories v2.2
- Technical Advisories v2.2
- New Features and Functionality v2.1
- Resolved Technical Advisories v2.1
- Technical Advisories v2.1
- New Features and Functionality v2.0.1
- Resolved Technical Advisories v2.0.1
- Technical Advisories v2.0.1
- New Features and Functionality v2.0
- Resolved Technical Advisories v2.0
- Technical Advisories v2.0
- New Features and Functionality v1.8
- Resolved Technical Advisories v1.8
- Technical Advisories v1.8
- New Features and Functionality v1.7.2
- Resolved Technical Advisories v1.7.2
- Technical Advisories v1.7.2
- New Features and Functionality v1.7.1
- Resolved Technical Advisories v1.7.1
- Technical Advisories v1.7.1
- New Features and Functionality v1.7
- Resolved Technical Advisories v1.7
- Technical Advisories v1.7
- New Features and Functionality v1.6
- Resolved Technical Advisories v1.6
- Technical Advisories v1.6
- New Features and Functionality v1.5
- Resolved Technical Advisories v1.5
- Technical Advisories v1.5
- New Features and Functionality v1.4
- Resolved Technical Advisories v1.4
- Technical Advisories v1.4
- New Features and Functionality v1.3
- Resolved Technical Advisories v1.3
- Technical Advisories v1.3
- Resolved Technical Advisories v1.2
- Technical Advisories v1.2
- New Features and Functionality v1.1.1
- Resolved Technical Advisories v1.1.1
- Technical Advisories v1.1.1
- New Features and Functionality v1.1
- Resolved Technical Advisories v1.1
- Technical Advisories v1.1
- Resolved Technical Advisories v1.0.1
- Technical Advisories v1.0.1
- New Features and Functionality v1.0
- Technical Advisories v1.0
- Previous Technical Advisories
- Workarounds
- Software and Hardware Compatibility
work around this issue, ensure that the computer has access to the Enterprise Server during the installation of the Dell
Data Protection | Encryption client and policy deployment to back up encryption keys and other critical data, complete PBA
activation, and enforce required shutdown. [28787/DDPC-37]
● After encryption is enabled, the computer intermittently logs a Critical System Event 41 in the System Event Logs with this
description: "The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped
responding, crashed, or lost power unexpectedly." The issue occurs only during a reboot and does not impact the security of
the data or the performance of the computer. [28795]
● Secure Boot is a Unified Extensible Firmware Interface (UEFI) protocol that Windows 8 and 8.1 users can enable in the
computer's BIOS to ensure that the computer boots using trusted firmware signed by the computer manufacturer. The
feature is not supported when the following conditions are met:
○ HCA with Dell Data Protection | Security Tools installed
○ HCA with the Dell Data Protection | Encryption client installed
○ HCA with Dell Data Protection | Security Tools and the Dell Data Protection | Encryption client installed
To upgrade to Windows 8 or 8.1 on a Dell computer with SED or HCA, Secure Boot cannot be enabled in BIOS. The
Secure Boot setting is disabled by default for computers shipping with Windows 7 or Windows 8/8.1 Downgrade Rights.
This setting should not be changed.
Instructions:
1. Turn on the power to your Dell computer. If the computer is already powered on, reboot it.
2. Press F2 or F12 continuously during boot until a message displays at the upper right of the screen that is similar to
"preparing to enter setup" (F2) or "preparing one-time boot menu" (F12). This launches the system BIOS.
3. In Setting > General > Boot Sequence, ensure that the Legacy Boot List Option is selected.
4. In Settings > General > Advanced Boot Options, ensure that the Enable Legacy Options ROMs check box is selected.
5. In Settings > Secure Boot > Secure Boot Enable, ensure that the Secure Boot Enable selection is Disabled.
6. Apply the changes.
7. Now that the computer BIOS has been changed to a legacy boot mode, the computer must be re-imaged.
[28790]
● When running Windows 7, a computer that is HCA encrypted may not boot in Windows Safe Mode. [28819]
● When using EMS Explorer, cutting and pasting a file does not remove the file from its original location. [28848]
● After an upgrade from v8.2 to v8.3, the v8.2 the Dell Data Protection | Encryption client installer remains on the computer.
[28885]
● During an SDE encryption sweep, although the disk is only partially encrypted based on the progress of the sweep, the
Security Console Encryption screen shows the disk as Protected. [28888]
● After a user is suspended in the Remote Management Console, the Shield ID is blank rather than indicating that the Shield is
unmanaged. On the client computer, the Dell Data Protection | Encryption local console does not open properly. [28893]
● Fingerprints and smart cards stop working after the Port Control System policy to disable USB ports is applied. Broadcom
USH hardware is a USB-attached device. When the policy to disable USB ports is applied, it prevents data transmission
to and from the Broadcom USH hardware, which prevents users from logging on with fingerprints or smart cards. The
problem can be resolved by applying a combination of policies that restrict access to USB external media by setting Windows
Portable Device and External Storage Device class policy to Read Only. This policy combination allows the Broadcom USH
hardware to function properly but prevents data from being transferred from the computer to external media such as USB
flash drives and smart phones. [28895]
Advanced Authentication
● Removing the USB Fingerprint reader without ejecting the device causes Dell ControlVault to fail. The issue occurs because
Windows handles the removal action of biometric devices incorrectly. To correct this issue, download and install the Hotfix
available at http://support.microsoft.com/kb/2913763. [27696]
● A contactless card may not be immediately recognized, because Windows does not load its driver. To work around this issue,
in Windows Device Manager, disable the smart card device. For more information, see http://support.microsoft.com/kb/
976832. [27981]
● On Dell Venue tablets, the touch keyboard is not automatically available at the Windows logon screen. To work around this
issue, touch the keyboard icon to display the touch keyboard. [28257]
● When the Password Manager option, Fill in logon data, is selected and credentials are enrolled with Password Manager, data
is populated into a logon screen but log on does not occur. [28502]
● With Windows 8.1, after a Password Manager logon is deleted in the Security Console, the link to the logon page remains in
the list of Password Manager logons. [28515]
● Password Manager is not available in Google Chrome until it is activated. To activate Password Manager in Google Chrome,
follow these steps:
1. In the Google Chrome Settings page, select Make Google Chrome my default browser.
Technical Advisories
73