VeraCrypt 1.17 fixes security issues, improves compatibility

VeraCrypt 1.17 has been released on February 13, 2016. The new version fixes several security-related issues, improves compatibility, and even includes optimizations.

VeraCrypt is without doubt the TrueCrypt-based encryption program that appears to be the most active project right now.

Its developers release new versions regularly that fix security and other issues in the client, and add new functionality to it.

The new VeraCrypt 1.17 update is no exception as it introduces a whole batch of improvements to the software program.

VeraCrypt 1.17

The developers have fixed a dll hijacking vulnerability affecting the VeraCrypt installer on Windows machines. The issue, affecting several installers for Windows including those created by Mozilla, Microsoft or Kaspersky, affected TrueCrypt 7.1a as well.

Since VeraCrypt is based on that version, it too was affected by the vulnerability.

The executable installers "TrueCrypt Setup 7.1a.exe" and TrueCrypt-7.2.exe load and execute USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll from their "application directory".

If an attacker places the above named DLLs in the users "Downloads" directory (for example per drive-by download or social engineering) this vulnerability becomes a remote code execution.

The new version includes another security-related improvement that fixes path leaks of selected keyfiles in RAM.

As far as other improvements are concerned, there are quite a few

1. VeraCrypt 1.17 is signed using SHA-1 and SHA-256.
2. The mount and boot time has been cut in half "thanks to a clever optimization of key derivation".
3. Whirlpool PRF speed improved by 25%.
4. Unicode passwords are supported across the board now with the exception of Windows system encryption.
5. Support added for creating exFAT volumes.
6. Solved issues with Comodo and Kaspersky programs when running applications from VeraCrypt mounted volumes.
7. Reduction of false positives by antivirus programs.
8. PIM caching implemented. The feature is not enabled by default and needs to be enabled under Settings > Preferences > Include PIM when caching a password (PIM stands for Personal Iterations Multiplier).

You can check out the full release notes of VeraCrypt 1.17 on the official project website. There you find download options for all supported operating systems.

Windows users can install VeraCrypt or use it as a portable program instead when they select the "extract" option after launching the installer.

To update VeraCrypt, run the installer for the new version and make sure it gets installed in the same directory as the currently installed version of the encryption software.