Binaries for Windows, Linux and MacOSX are available at Launchpad, Sourceforge and Bitbucket
Changes between 1.24-Hotfix1 and 1.24-Update2 (16 Decembre 2019) :
-
All OSs:
- clear AES key from stack memory when using non-optimized implementation. Doesn't apply to VeraCrypt official build (Reported and fixed by Hanno Böck)
- Update Jitterentropy RNG Library to version 2.2.0
- Start following IEEE 1541 agreed naming of bytes (KiB, MiB, GiB, TiB, PiB).
- Various documentation enhancements.
-
Windows:
- Fix possible local privilege escalation vulnerability during execution of VeraCrypt Expander (CVE-2019-19501)
- MBR bootloader:
- workaround for SSD disks that don't allow write operations in BIOS mode with buffers less than 4096 bytes.
- Don't restore MBR to VeraCrypt value if it is coming from a loader different from us or different from Microsoft one.
- EFI bootloader:
- Fix "ActionFailed" not working and add "ActionCancelled" to customize handling of user hitting ESC on password prompt
- Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory.
- Fix multi-OS boot compatibility by only setting VeraCrypt as first bootloader of the system if the current first bootloader is Windows one.
- Add new registry flags for SystemFavoritesService to control updating of EFI BIOS boot menu on shutdown.
- Allow system encrypted drive to be mounted in WindowsPE even if changing keyboard layout fails (reported and fixed by Sven Strickroth)
- Enhancements to the mechanism preserving file timestamps, especially for keyfiles.
- Fix RDRAND instruction not detected on AMD CPUs.
- Detect cases where RDRAND is flawed (e.g. AMD Ryzen) to avoid using it if enabled by user.
- Don't write extra 0x00 byte at the end of DcsProp file when modifying it through UI
- Reduce memory usage of IOCTL_DISK_VERIFY handler used in disk verification by Windows.
- Add switch /FastCreateFile for VeraCrypt Format.exe to speedup creation of large file container if quick format is selected.
- Fix the checkbox for skipping verification of Rescue Disk not reflecting the value of /noisocheck switch specified in VeraCrypt Format command line.
- check "TrueCrypt Mode" in password dialog when mounting a file container with .tc extension
- Update XML languages files.
-
Linux:
- Fix regression causing admin password to be requested too many times in some cases
- Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck)
- Make sure password gets deleted in case of internal error when mounting volume (Reported and fixed by Hanno Böck)
- Fix passwords using Unicode characters not recognized in text mode.
- Fix failure to run VeraCrypt binary built for console mode on headless machines.
- Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
- Add CLI switch (--use-dummy-sudo-password) to force use of old sudo behavior of sending a dummy password
- During uninstall, output error message to STDERR instead of STDOUT for better compatibility with package managers.
- Make sector size mismatch error when mounting disks more verbose.
- Speedup SHA256 in 64-bit mode by using assembly code.
-
MacOSX:
- Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
- Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck)
- Fix passwords using Unicode characters not recognized in text mode.
- Make sector size mismatch error when mounting disks more verbose.
- Speedup SHA256 in 64-bit mode by using assembly code.