PGP Whole Disk Encryption Maintenance Release for Mac OS X 10.6.5 (or later) Customers
We're writing to follow up on our post on this issue last November. Since then, Symantec has provided both a workaround and hotfix to address the client problem encountered with PGP Whole Disk Encryption when updating Mac OS X. A maintenance release that will proactively address this issue is now available.
In case you missed our earlier communication, in Mac OS X 10.6.5, Apple's automated Software Update mechanism bypasses the protections PGP Corporation had put around a critical file needed for normal system startup.
Prior to the release of the Mac OS X 10.6.5 update, the PGP Engineering team tested every version of the early developer release of the update provided to PGP by Apple and no conflicts were found. However, we identified after the release of the update that Apple's automated Software Update mechanism bypasses the protections the PGP Engineering team had put around the boot.efi file. This bypass allows the Mac OS X update to overwrite a critical file needed by PGP Whole Disk Encryption when the machine reboots, rendering the system non-bootable after installation of the update.
In order to prevent the issue from occurring in the future, we are including new client code in this PGP Whole Disk Encryption maintenance release that protects and verifies the state of the boot.efi file even when Apple’s automated Software Update mechanism attempts to bypass the client’s protection of this file. Customers with supported versions of Mac OS X prior to 10.6.5 can apply this release to their PGP Desktop for Mac OS X clients and subsequently update the OS to 10.6.5 (or later) without encountering this issue.
A maintenance release is now available. Please use your LEMS account to access PGP Whole Disk Encryption 10.1.1.
Complete instructions for how to successfully update to 10.6.5 can be found in our Knowledgebase article. (https://pgp.custhelp.com/app/answers/detail/a_id/2288)