PGP Desktop 9.9.1 - Resolved Issues

Article:TECH149327  |  Created: 2009-03-13  |  Updated: 2011-02-06  |  Article URL http://www.symantec.com/docs/TECH149327
Article Type
Technical Solution


Issue




This article details a list of resolved issues in PGP Desktop 9.9.1.


Solution




General

  • Improvements have been made to the content, accuracy, and formatting of the information displayed in the PGP Log. [10618]
  • Logging improvements eliminate memory and CPU usage when using debug-enabled logging. [18044]
  • User interface modifications further improves support for the Americans with Disabilities Act (ADA) standards for accessible design. [10909]
  • Improvements have been made to the user interface in PGP Desktop for Mac OS X, including dragging and dropping of keys. [18472]
  • Miscellaneous improvements have been made to the PGP Desktop for Windows user interface. [18496]
  • General improvements have been made to the localized (German and Japanese) text in the PGP Desktop user interface. [NBN]

Installation

  • The PGP Desktop for Mac OS X Setup Assistant now allows the importing of keys with Japanese user IDs. [13151]
  • System Mac OS X HTTPS proxy settings are now fully supported, including authentication and bypass list. Simple wildcard and CIDR notation matching in the bypass list is also supported, for example: [18234]

         192.168/16
         192.168.0.0/16
         *.example.com

  • PGP Desktop for Mac OS X can now be installed from the command line. [18448]
  • Users can now re-enroll on a second Windows system using a smart card. Note that the smart card must be inserted in the second system before proceeding through the Setup Assistant. [18596]
  • Resolved the issue where PGP Desktop for Mac OS X quit unexpectedly during the keyring setup summary process. [19776]
  • PGP Desktop on Windows Vista now properly updates all files when upgrading from version 9.7.1 to version 9.9.1. [18875]

PGP Messaging

  • Resolved the issue where PGP Tray (on Windows systems) shut down unexpectedly when emailing an attachment larger than 8 MB. [16823]
  • Improvements have been made in the handling of file names that contain non-UTF-8 character sets (to improve compatibility with older versions of PGP Desktop). [18214]
  • Mail policies with Japanese names specified on the PGP Universal Server are displayed correctly in the policy displayed in PGP Desktop. [18343]
  • File names are no longer garbled when viewing sign-only messages in Microsoft Outlook Express on non-English systems. [18738]
  • Version information for clear-signed messages sent using PGP Desktop for Mac OS X now displays in English. [18762]
  • Improvements have been made when sending Lotus Notes email with a user's key located on a smart card. When prompted to encrypt and sign your email messages, type the smart card passphrase. If you cancel the process, you must re-insert the smart card. [18772]
  • If an email message is destined to a configured custom address space such as [FAX:00123456789], PGP Desktop now correctly sends the email message unencrypted. For more information on how to define this setting, refer to KB article 716 (https://support.pgp.com/?faq=589). [18009]
  • PGP Desktop now processes attachments with no file names, such as personal .gif signatures. [19004]
  • Enhancements have been made to PGP Messaging in the Lotus Notes environment to process and decrypt HTML signed-only messages that contain inline message in the email body, and to process and decrypt HTML messages with a large body of text. [19251, [19253]]
  • Improvements have been made to PGP Messaging when in the Lotus Notes environment to handle plaintext messages with a very small amount of text in the body. [19631]
  • If you cancel the passphrase prompt when trying to send an email message in OOMS (out of mail stream), the message is blocked and left encrypted in the Sent items folder. [18493]
  • PGP Desktop is now compatible with Sibelius 5 from Sibelius Software. [18806]
  • Enhancements have been made to PGP Messaging (MAPI) where updated content is resent if blocked email messages are modified. [19593]
  • If sending an email message with an empty body from a RIM BlackBerry device, the annotation is now displayed in Microsoft Outlook. [19137]
  • Improvements have been made to the PGP Messaging annotation headers for S/MIME formatted messages (the “- S/MIME” prefix is now added to the headers). [19639]
  • In a Lotus Notes environment, if the PGP Desktop license is expired or invalid, or the service is disabled, PGP Desktop now sends email messages in the clear. [19820]
  • For email messages that are signed by a revoked key, PGP Desktop continues decrypting and verifying the emails with an annotation indicating that the signer key is revoked. [19827]

PGP NetShare

  • Various stability and functionality improvements have been made to PGP NetShare when bulk copying files into and out of protected directories. [18110, 18598, 18658]
  • This release resolves an incompatibility between PGP NetShare and Windows XP systems running McAfee Antivirus 8.5i. [18547]
  • PGP NetShare now correctly protects zero-byte files created by an application that has been defined for application-based encryption in the PGP Universal Server policy. [18759]
  • Resolved some stability issues related to using PGP NetShare with very large groups of users (for example over 200 users). [18624]
  • This release improves browsing of long lists of PGP NetShare-protected files in Windows XP Explorer. [19066]
  • Enhancements have been made to logging to always include the PGP NetShare folder location. [19139]
  • PGP NetShare now prevents an Admin user from being removed from a PGP NetShare-protected folder’s user access list. [19547]
  • Improvements have been made to the compatibility between PGP NetShare and EFS. Note that it is not recommended to use EFS together with PGP NetShare on the same folders. [19741, 19794]
  • Stability improvements have been made to PGP NetShare related to the PGP NetShare recent folder list displayed within PGP Desktop and various unusual directory hierarchies. [18830]

PGP Whole Disk Encryption

  • Resolved issues with detecting removable media that prevented PGP Whole Disk Encryption from recognizing and using removable drives on some computer systems. [16743, 18412]
  • PGP Whole Disk Encryption WDRTs created and logged by pgpwde.exe are no longer considered legacy by the PGP Universal Server. [17449]
  • PGP Whole Disk Encryption is now compatible with the EMC RSA Smart Card 5200. [17661]
  • Improvements have been made to PGP WDE logging with pertaining to encrypted partitions. [17700, 18177]
  • Improvements have been made in detecting and displaying the names of removable drives. [17928]
  • Improvements have been made when using the Force Removable Encryption feature in conjunction with embedded policies. [17930]
  • Improvements have been made to the PGP WDE logging of users, and now includes key IDs. [18102, 18959, 18971]
  • pgpwde.exe can again be used with disk images. [18159]
  • Removable drives that are automatically encrypted per policy are now encrypted to the proper encryption key when using PGP bundle keys. [18188]
  • A new WDRT is generated even in cases where the user cancels the new user assistant in PGP Whole Disk Encryption for Mac OS X. [18228]
  • This release improves PGP WDE for Windows resiliency when critical primary or secondary records are corrupted. [18359]
  • WDRT handling in PGP Universal Server-managed environments has been improved such that multiple users sharing a device are correctly represented on the PGP Universal Server. Situations where users are not currently correct are corrected automatically once those users log in. [18390]
  • PGP WDE now detects and encrypts all SD cards inserted in a built-in reader as removable disks. [18483]
  • When changing the PGP WDE Admin Key in PGP Universal Server policy, the current ADK now remains on the PGP Whole Disk Encryption User Access List. [18513]
  • PGP Whole Disk Encryption no longer allows a disk to be encrypted if the PGP Universal Server cannot be contacted and Whole Disk Recovery Tokens are enabled. [18627]
  • All users on a system are properly added to the PGP WDE user access list regardless of the order in which the users logged on to the system. [18641]
  • PGP Whole Disk Encryption for Mac OS X can now encrypt case-sensitive, journaled drives. [18786]
  • PGP Whole Disk Encryption for Mac OS X no longer allows non-journaled disks to be encrypted. [18918]
  • PGP Whole Disk Encryption no longer removes the ADK from the user access list when you are not using the WDE Admin Key. [18907]
  • Stability improvements have been made when encrypted USB disks are attached on German Windows systems. [18916]
  • PGP Whole Disk Encryption now pauses the encryption process when encountering very rare unexpected errors during encryption. [18923]
  • PGP Whole Disk Encryption for Mac OS X no longer starts to decrypt a disk automatically if an unlicensed user logs in to the system after authenticating at the PGP BootGuard screen. [18995]
  • PGP Whole Disk Encryption for Mac OS X now displays the progress of the recovery operation when using the pgpwde "recover" command from the command line. [19058]
  • PGP Whole Disk Encryption for Mac OS X now allows users to re-enroll when the PGP Universal Server policy is set to automatically encrypt the boot disk. [18949]
  • Resolved the issue where PGP Desktop for Mac OS X could not encrypt the disk on some systems because the com.apple.Boot.plist file was missing. This file is now installed if it is missing from the user’s system. [18966]
  • The pgpwde command to list users now properly includes user’s names when the output is redirected to a file. [19049]
  • PGP Whole Disk Encryption for Mac OS X now correctly follows Whole Disk Encryption permissions when the disk is fully encrypted. [19186]
  • On Mac OS X systems that are encrypted with PGP WDE, you cannot remove PGP WDE by reinstalling the product. To remove PGP WDE, you must decrypt the disk and then reinstall PGP Desktop. [19192]
  • On certain hardware, PGP Desktop may have trouble recognizing smart cards/tokens used for WDE due to conflicts with USB keyboards. This may be resolved by excluding certain USB Host Controllers from probing at boot time. More information can be found in PGP Knowledgebase Article #1087 (http://support.pgp.com/?faq=1087). [16926]
  • PGP BootGuard no longer displays the "disk locked" message after authenticating with an incorrect password when the disk was encrypted with a TPM or token user only. [17974]
  • Revised the text displayed when an unsupported keyboard is used at PGP BootGuard so that it now directs the user to the documentation. There are now too many supported keyboards to list in the message. [18435]
  • PGP Whole Disk Encryption with SSO is now compatible with IBM ThinkVantage Access Connections software. [18494]
  • Resolved the issues in PGP WDE-only deployments where GKM or SCKM keys are specified per policy. [19657]
  • PGP Whole Disk Encryption for OS X now allows the use of the WDRT for decryption when specified as the passphrase when the --decrypt option of the pgpwde command line utility is used. [19755]
  • For the Japanese version of PGP Whole Disk Encryption, additional characters that are not accepted at PGP BootGuard are ` and ~. [18871]
  • PGP Whole Disk Encryption now adds the ADK to PGP WDE-encrypted disks when upgrading clients in a managed environment. [18457]

PGP Keys

  • Improvements have been made to setup and enrollment when using CAPI-based keys. [18088]
  • PGP Desktop now signs the PGP Universal Server Organization key during enrollment when using CAPI-based PGP Bundle keys. [18189]
  • Improvements have been made to the user interface when generating a new key on PGP Desktop for Mac OS X. [18354]
  • This release improves enrollment that uses existing CKM or GKM keys that have different topkey and subkey passphrases. [18723]
  • Key-specified ADKs are now enforced for keys that are searched and found on keys. keyservers. [18761]
  • The X.509 certificate import wizard now caches the passphrase of newly-created bundle keys. The Setup Assistant no longer prompts the user to enter a passphrase for the key. [16246]
  • Generating CKM keys on Aladdin eTokens no longer results in a "bad passphrase" error. [18884]
  • Added support for the Gemalto .NET v2 smart card for post-boot operations. [19757]
  • Based on customer feedback, changes have been made to some of the key reconstruction questions. [18342]

PGP Zip

  • UNC paths now can be used when creating PGP Zip archives. [18401]



Legacy ID



1257


Article URL http://www.symantec.com/docs/TECH149327


Terms of use for this information are found in Legal Notices