Windows Patch Notes for CTE v7.8.0.111
| CTE version | Date | Version | 
|---|---|---|
| v7.8.0.111 | 2025-10-01 | v1 | 
Resolved Issues
- 
AGT-67904: [CS2201560] voradmin ldt Reports Incorrect Key Name AFFECTED VERSIONS: 7.7.0.87 — 7.8.0.99 When users moved or copied files from a non-guarded location to a guarded location without applying a key, the voradmin ldt report <guardpoint>command displayed an incorrect key name. This issue was caused by the lazy rekey feature.The voradmin ldt reportcommand has been updated to correctly display the key status for files affected by lazy rekey.
- 
AGT-66253 | AGT-66374 [CS2146268]: Unable to access symbolic link in an LDT GuardPoint AFFECTED VERSIONS: 7.7.0.111 — 7.8.0.99 Previously, symbolic links located inside protected folders could not be accessed. This resulted in errors, or denied access, when trying to follow or use those links. This issue has been fixed. Symbolic links inside protected folders can now be accessed as expected, ensuring smoother file operations and improved reliability. 
- 
AGT-66593: Logging differences between Linux and Windows while imposing writing restrictions from OS AFFECTED VERSIONS: 7.8.0.99 Issue occurred when FAM was enabled, and a FAM policy was applied. If an IO operation failed, with access deniederror from NTFS, on a CTE guarded path, FAM log displayed access state asCTE_DENIEDinstead ofOS_DENIED. This has been fixed.
- 
AGT-66626: [CS1604122]: Effective User ID displaying as Computer Name causing access deniedon GuardPointsAFFECTED VERSIONS: 7.7.0.130 — 7.8.0.99 The CTE Windows driver was preventing access to the file for fast I/O reads when it should have returned that the operation was not supported. Only normal I/O reads are supported. This issue has been fixed. 
- 
AGT-66937 [CS2189489] Windows disk management unable to display the mounted volume info after guarding AFFECTED VERSIONS: 7.6.0.143 — 7.8.0.99 When the Access Control List of a mount point does not specify allowing access for the user group, Disk Manager may not be able to display the mount point. This was fixed by changing the CTE driver to perform less stringent permissions checking for directories. 
- 
AGT-67113 [CS2186722]: MSSQL update (KB5046862) failed to install when staging drive is guarded with CTE RWP AFFECTED VERSIONS: 7.7.0.77 — 7.8.0.xx When attempting to perform an MSSQL update (KB5046862) on an RWP protected volume, this update failed. This was due to an issue with Enhanced RWP Protection. This issue has been fixed. 
- 
AGT-67379 | AGT-66352: System Crashed while restoring shadow-copy backup AFFECTED VERSIONS: 7.8.0.73 — 7.8.0.xx Forcefully dismounting a shadow drive using the vssadmin.exe revert shadow /ForceDismountcommand, and then attempting to generate an LDT report using thevoradmin LDT reportcommand, in sequence, resulted in a system crash. This has been fixed.
- 
AGT-68108 [CS2213662]: CTE driver causing system crash when a file is renamed AFFECTED VERSIONS: 7.7.0.130 — 7.8.0.99 A timing issue could occur when a file was renamed. This happens when the CTE drivers try to access internal data structures when another operation is releasing that same memory simultaneously. While this is an infrequent occurrence, it leads to a system crash. This issue has been fixed. 
Known Issues
- 
AGT-36370: The vorvmd.log reports an error message, Not guarding pathwhen guarding LDT over CIFS GuardPointAFFECTED VERSIONS: N/A This error message displays when the CTE agent is in the process of authenticating the user. This error can be safely ignored. 
- 
AGT-39189 | AGT-55063: CTE failed to unguard after changing to incorrect CIFS credentials AFFECTED VERSIONS: All If a user has a CIFS guarded path, and tries to access it with invalid credentials, the unguard request fails. After this, if the user switches to valid credentials, the unguard request still fails because CTE agent is unable to access the CIFS share to update the credentials. Work-around To successfully guard/unguard a CIFS path, use valid credentials. 
- 
AGT-39190: File modified time does not change after rekey for excluded files AFFECTED VERSIONS: 7.7.0 — 7.8.0.111 This is a limitation with the current CTE agent. This is due to the Windows Redirected Drive Buffering Subsystem (rdbss) limitation. 
- 
AGT-48196: Microsoft DPM recovery creation failed when creating an incremental backup recovery point AFFECTED VERSIONS: 7.5.0 — 7.8.0.111 Work-around Perform a complete backup. Do not perform an incremental backup. 
- 
AGT-48580: The gzip files in a directory can be mistakenly identified as ransomware by Ransomware Protection AFFECTED VERSIONS: 7.5.0 — 7.8.0.111 Some compression algorithms haves high entropy value and intermittently, zip or unzip activity that occurs on files that already themselves have high entropy, within a Ransomware Protection GuardPoint, is mistakenly identified as ransomware. Work-around Add the zip/gzip/winzipprograms to the Ransomware Protection process exemption list in the CipherTrust Manager.
- 
AGT-48862: Unguard process fails if CTE secfsdservice is downAFFECTED VERSIONS: 7.5.0 — 7.8.0.111 The secfsdservice is a critical CTE service. If this service is down, certain CTE features may not work as intended.Work-around Manually restart the secfsdservice in the service manager.
- 
AGT-58577: Issues and limitations for Multifactor Authentication and Ransomware Protection co-existence AFFECTED VERSIONS: 7.7.0 — 7.8.0.111 Multifactor Authentication is not yet supported for a GuardPoint with Ransomware Protection with a CTE Agent. 
- 
AGT-61138: When applying a GuardPoint on the UNC (Universal Naming Convention) name instead of a Local drive, files display as cipher-text format when accessing using local drive AFFECTED VERSIONS: 7.7.0 — 7.8.0.111 User must apply GuardPoint on the local drive. If the user decides to apply the GuardPoint on the UNC path, user must use the UNC path to access the data. Do not view through the local Windows explorer path. 
- 
AGT-64352: No Audit logs generated for same resource set on Standard Policy vs FAM policy AFFECTED VERSIONS: 7.7.0 — 7.8.0.111 In FAM, no audit logs are generated with a FAM policy having a resource set matching the designated pattern. 
- 
AGT-64711: Data transformation is failing in case of existing data in OneDrive using dataxform AFFECTED VERSIONS: 7.7.0 — 7.8.0.111 For OneDrive v23.066 and subsequent versions, Microsoft made a change to their software. Users can no longer disable the Files On-Demand feature. Disabling this feature is required for the CTE driver. As a result, the CTE driver can only support using a standard policy and Data Transformation with previous versions of OneDrive v23.066. For OneDrive v23.066 and subsequent versions, the CTE driver supports using a standard policy. It does not support using Data Transformation. 
- 
AGT-64971: Unable to delete GuardPoint inside a Ransomware protected volume, when simulating a ransomware attack when a process is marked as malicious by RWP AFFECTED VERSIONS: 7.8.0.111 GuardPoint is not being removed from the directory. On CipherTrust Manager it displays that it's in the processing state. Work-around Reboot the agent. 
- 
AGT-65794: CTE/FAM duplicate audit logs generated for single action AFFECTED VERSIONS: 7.8.0.111 For CTE protected paths, there can be multiple FAM audit logs generated for a single I/O operation. 
- 
AGT-66386: Not able to access CIFS file from a Windows AccessOnly node after key rotation AFFECTED VERSIONS: 7.8.0.77 — 7.8.0.111 If a file on a CIFS share is accessed from a Windows AccessOnly node immediately following the initial LDT transformation operation, and then a subsequent rekey is performed, the file is no longer be accessible on the Windows AccessOnly Node. Workaround Reboot the Windows AccessOnly node.