How to disable Windows Automatic Repair via a logon script for systems that have Drive Encryption installed
Last Modified: 2024-01-06 09:07:12 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
How to disable Windows Automatic Repair via a logon script for systems that have Drive Encryption installed
Technical Articles ID:
KB76649
Last Modified: 2024-01-06 09:07:12 Etc/GMT Environment
Drive Encryption (DE) 7.1 and later Endpoint Encryption for PC 7.0.x Microsoft Windows 8 and later For details of DE-supported environments, see KB79422 - Supported platforms for Drive Encryption 7.x. Summary
This article covers how Windows recovery tools can impact the operating system when DE is installed.
Problem
The Windows 8 and later operating systems contain a feature called Automatic Repair. When this feature is run on a system where the hard-disk is encrypted, it inadvertently destroys the encrypted operating system files. The Windows feature can cause permanent boot problems. NOTE: In previous releases of Windows, the user was asked whether they wanted to repair the system before starting the repair. But, on Windows 8 and later, the system boots into Automatic Repair immediately when a problem is detected. It doesn't allow the user to cancel the action, which leaves little scope to prevent the destruction of encrypted data. SolutionAdministrators can use the following steps to disable this Windows 8 feature via a logon script:
AttachmentAffected ProductsLanguages:This article is available in the following languages: |
|