VeraCrypt 1.25.9 Encryption Software fixes BSOD on Windows
VeraCrypt is a popular open source encryption software that is based on the abandoned TrueCrypt application. VeraCrypt 1.25.9 was released on February 19, 2022 to the public.
The new version of the encryption software is already available. New and existing users may download the latest version from the official website for all supported operating systems. Select Help > About in the application interface to find out which version of VeraCrypt is installed.
VeraCrypt 1.25.9 includes fixes for the three supported operating systems Windows, Mac OS and Linux. Most changes apply only to the Windows version, including a fix for a BSOD that could happen on shutdown.
VeraCrypt erases the system encryption keys on shutdown by default; this procedure caused Blue Screens of Death on some Windows devices. The developers have created a new Registry key that toggles the erasing of the encryption keys on Windows devices.
- Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\veracrypt
- Right-click on the VeraCrypt value and select New > Dword (32-bit) Value.
- Name it VeraCryptEraseKeysShutdown.
- Set the value to 0 to disable the erasing of security keys during shutdown.
The workaround is only required on systems that are affected by BSOD errors during shutdown. The Windows version of VeraCrypt includes several other changes:
- The size of the .exe installer was almost halved by switching from Deflate compression to LZMA.
- The minimum supported operating system version for MSI installs was set to Windows 7; this is a bit strange, as the download page lists Windows 10 as the minimum requirement for the MSI installer.
- The MSI installer is compatible with system encryption.
- The error that prevented Traveler Disks from being created using MSI has been fixed.
- Double-clicking mounted drives did not work in some cases in the VeraCrypt user interface.
- The outer volume password is not cached anymore when mounting with hidden volume protection if the wrong hidden volume password was specified.
Linux and Mac OS builds of VeraCrypt share a fix, which is also the only fix for Mac OS. Both address a hidden volume settings display issue when enabling hidden volume protection in the mount options window.
The Linux version has three additional fixes and improvements, including one crash fix. You can check out the entire changelog here.
Now You: do you use encryption software?
Someone above commented that he still uses TrueCrypt 7.1a.
So do I.
I use BitLocker for full-disk encryption, and (stored on one of those BitLocker encrypted drives) I have a small TrueCrypt volume (that I first created decades ago) in which I store backups of my backed up backup password vault. (In short, _really_ fallback stuff).
It’s rarely online (less often than once a month, and for a few minutes only); the file name is literally “SECRETS” so it’s not like I’m looking for plausible deniability. And TrueCrypt 7.1a is not installed – I use it in portable mode.
For such limited use of TrueCrypt, is there really a reason (a known vulnerability that would be applicable to this situation) to switch to Veracrypt or whatever else?
Do you know any alternatives for Lacie Private-Public 1.0.0? It’s very easy to use when you want to encrypt your pendrive and has a great option of ejecting a pendrive after certain time just like veracrypt but it’s much easier.
It should have the option of auto-dismounting volume after no data has been read/written to it for …. minutes.
However, it’s not supported anymore. Any recommendations?
Do I use VeraCrypt? Yes. Why? I have a jealous girlfriend, and she is not my first girlfriend. Without VeraCrypt my past life would only exist in my head, since all my photographs/letters/fluffy animals have all been destroyed. Now the only thing that can take away my memories is dementia so I forget my password..or if by some magical chance 5 devastating fires occur at 5 different locations where I keep copies of my past life VeraCrypted or if the internet implodes and my cloud storage too vanishes. So yeah, I use VeraCrypt. I have to. I also have a feeling I’m not the only one with such mundane usage, you can’t all be international men of mystery and industrial or nuclear technology spies or terrorists, right? RIGHT???
Disable scripts on ghacks with uMatrix ;-)
So you’ll scroll down to advertising which pays Martin the beans he needs to keep up his strenght for the site eat, eating the occasional can of beans. For his sake, learn to adapt.
Why scrolling end of the page takes me to another article? Its so confusing. How to turn this nonsense off?
Do I use encryption software? Thanks for asking.
I’ve never switched from TrueCrypt (v. 7.1a) to VeraCrypt and I’ve read as many articles as comments suggesting I was wrong. If I was in an environment requiring the closest to zero risks I would have followed those suggestions, but here, lost in my solitude, encryption itself is mainly aimed at the scenario where Miss Universe would pop-in and ask to play with… my computer. Most on my secrets are brain-encrypted anyway.
Encryption is for more than just hiding porn from your misses. Its there to keep someone from getting everything off your HDD when you dispose of it or if someone steals it.
> Now You: do you use encryption software?
Yes, full system encryption with dm-crypt/LUKS on GNU/Linux and VeraCrypt on Windows. Besides, all external USB hard disks are fully encrypted. I like the benefit that a full encrypted hard disk can rather safely be disposed in case of mechanical HD failures when secure wiping is no more possible afterwards.
I’m also very, very thankful to the developer of VeraCrypt for bringing back support for Windows 7 (after it was briefly removed in 1.25.4)!
are there any issues with using luks and veracrypt in the same environment? i’ve been interested in migrating to linux (or at least trying to) for years now but drive encryption solutions like this are another thing i’ve never really been able to wrap my head around
> are there any issues with using luks and veracrypt in the same environment?
In general I would say, no. One of the machines under my control is a dual-boot UEFI system with Debian GNU/Linux sid (dm-crypt/LUKS) and Windows 8.1 Enterprise (VeraCrypt), which is indeed a bit tricky: I have never managed to decrypt and mount the VeraCrypt encrypted Win8.1 system partition (from the internal HD) into my Linux system. I don’t know if it’s a problem of the computer hardware itself (a Dell Optiplex that was not very happy to accept Win8.1 as OS) or just simple PEBKAC (it always tells me the password is wrong although I know it’s correct). Well, I have never felt the urge to investigate this further. :-) External USB HDs (with NTFS) are mounted flawlessly with VeraCrypt on the Linux system, though. If I can solve the problem, I will post the solution here.
dm-crypt/LUKS is really nice in combination with dropbear to remotely unlock and boot the system via ssh. I don’t know if the same is possible for Windows systems with VeraCrypt.
If you want to try Linux based encryption, I would recommend to have a look at the Ubuntu and especially the Archlinux wiki; they are valuable sources of information.
> RE: decrypt and mount a VeraCrypt encrypted Windows system partition from a Linux system
In VeraCrypt after clicking the “Mount” button there is an “Options” button and you can select “Mount partition using system encryption…”. Note you can only mount as read+write if your Windows has “fast startup” switched off (under power options or power buttons, in Windows settings or control panel).
@anon2:
That was the solution to my problem! Thank you so much, anon2, for providing these detailed info and solution. Indeed, it worked perfectly and I was able to decrypt and mount the VeraCrypt Win8.1 system partition following your advice.