![]() In this article we discuss various approaches to exploiting a vulnerability in a kernel driver, PGPwded.sys, which is part of Symantec Encryption Desktop. For more information, see the following SYMC Advisory: While there is no plan to produce a patch for Symantec Encryption Desktop, the Symantec Security and Development teams have recommendations to mitigate the risks involved. Symantec has produced a patch for Symantec Endpoint Encryption as of version 11.3.0 but not for Symantec Encryption Desktop. This vulnerability affected both Symantec Endpoint Encryption and Symantec Encryption Desktop. We will continue to work with Symantec to help them to produce an effective patch. Consequently, we are at the point of publishing the findings publicly. We have been working with Symantec to try and help them to fix this since our initial private disclosure in July 2017 (full timeline at the end of this article), however no patch has yet been released. If you want to change your security questions, right-click the user name and select Add Security Questions.Note: These vulnerabilities remain unpatched at the point of publication. The same security questions are displayed if you forget your passphrase again. If you would like to see the characters of your passphrase as you type, select the Show Keystrokes check box. Normally, as an added level of security, the characters you type for a passphrase are not visible on the screen. For more information, see The Passphrase Quality Bar (on page 268). The Passphrase Quality bar provides a basic guideline for the strength of the passphrase you are creating. The new passphrase is created for the user. When Windows has finished launching, the PGP Disk - Change User Passphrase dialog box is displayed.ħ Enter and confirm a new passphrase for the user, and click OK. When the Log On to Windows dialog box is displayed, enter your Windows login name and password. You must answer three of the five questions correctly.Ħ When you have answered the questions correctly, the Windows operating system begins to start up. ![]() Answer the first security question displayed. ![]() These screens appear based on the LSR policy applied to the computer, the number of LSR-configured Drive Encryption users on the computer, and the type of PGP BootGuard screen enabled for the computer.Ĥ. If the screen prompts you to enter Drive Encryption username, enter your Drive Encryption username and press Enter.If the screen prompts you to select username, select your username and press Enter.On the screen that prompts you to select a recovery option, select Answer my questions to log into the system and press Enter. At the PGP BootGuard screen, press F4 or use the arrow keys to select Forgot Passphrase and press Enter.Ģ. To recover your passphrase at PGP BootGuardġ. The user's name is displayed with LSR to the right (and a tool tip), to indicate that "local self recovery" has been configured for the user. Create and answer the five security questions. ![]() Note: You cannot create security questions for the Drive Encryption-Admin user or the ADK.ģ. Right-click the user's name in Symantec Encryption Desktop and select Add Security Questions. You can use either a Passphrase user or a Windows SSO user.Ģ. Using Symantec Encryption Desktop, encrypt your internal drive. If Symantec Encryption Desktop does not prompt you to configure LSR, you can manually do so after encrypting an internal drive.ġ. In this case, you are prompted to enter the security questions as you set up Symantec Encryption Desktop. Your administrator may also have specified that LSR be configured during enrollment. Note: If you are using Symantec Encryption Desktop in a Symantec Encryption Server-managed environment, your Symantec Encryption Server administrator may have disabled the option for local self recovery (LSR). This is similar to recovering your key if you lost the key or forgot the passphrase for the key. You create and answer the five security questions. If you forgot your passphrase, and if your system is configured for it, you can bypass PGP BootGuard by answering three out of five security questions correctly.
0 Comments
Leave a Reply. |