Forums Community Axcrpyt and Windows hibernation security vulnerability

This topic contains 2 replies, has 1 voice, and was last updated by  Marvin 1 day, 21 hours ago.

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • September 23, 2024 at 13:34 #38166 Reply

    Dale

    When a user hibernates Windows, all memory contents are copied to the hard drive.  If encryption software such as Axcrypt is running when they do this, any passwords or keys in memory will also be written to the hard drive, allowing a hacker with physical access to the computer to retrieve those keys from the hard drive and decrypt all the user’s files encrypted with them.

    Does Axcrypt take any steps to resolve this security issue (eg. zeroing out memory allocated to the application on closing)?

     

     

     

     

    September 24, 2024 at 16:12 #38189 Reply

    Dale

    Admins please have an Axcrypt technician/developer respond to this question.  It is a major potential security issue and users need to know.

    October 14, 2024 at 15:22 #38698 Reply

    Marvin

    Dale,

    AxCrypt destroys the encryption keys once it gets locked out. Whenever you restart your/ sign out of AxCrypt or lock your desktop environment or put your computer to sleep/hibernate or your screensaver starts then AxCrypt clears your encryption keys. But, in case if you have decrypted a file for viewing or any update and forget to re-encrypt it before performing actions like hibernation, it may get exposed. It is better that you take care of decrypted files and encrypt them safely back.

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
Reply To: Axcrpyt and Windows hibernation security vulnerability
Your information: