Softpedia >Mac >Security >Symantec Encryption Desktop >  Changelog

Symantec Encryption Desktop Changelog

What's new in Symantec Encryption Desktop 10.4.2

Jun 4, 2018
  • Compatibility added for macOS 10.13.x (High Sierra):
  • This release supports the installation of Symantec Encryption Desktop 10.4.2 for macOS, including all the components, on systems running macOS 10.13.x (High Sierra). Symantec Encryption Desktop for FileVault is supported for data recovery management for the computers that are encrypted with FileVault.
  • Expanded client system recovery management for macOS 10.13.x users:
  • FileVault users can generate a new Personal Recovery Key (PRK) after each system recovery. The PRK allows the help desk administrators to resolve a user account lockout state.

New in Symantec Encryption Desktop 10.4.0 Build 1100 (Aug 26, 2016)

  • Building on Symantec’s proven technology, Symantec Encryption Desktop 10.4 for Mac OS X includes numerous improvements and the following new features.
  • Symantec Desktop Email no longer bounces a message if a recipient has a Key Not Found (KNF):
  • Previously, if an encrypted email could not be delivered due to one or more recipients having a Key Not Found (KNF), the email bounced. Now, if one or more recipients has a KNF, the email is delivered to the valid recipients. The user may receive a separate email listing the KNF recipients to whom the email was not delivered.
  • Symantec Encryption Desktop registration is simplified:
  • You are no longer required to submit your Licensee Name, Licensee Organization, and Licensee Email Information to register a Symantec Encryption Desktop product license. Now, only the License Number is required.
  • TLS 1.2 support added for client-to-server communication:
  • Symantec Encryption Desktop, Symantec Encryption Management Server, and PGP Command Line are capable of doing secure communication using TLS 1.2. Symantec Encryption Management Server does still support TLS 1.0, however, for backward compatibility.
  • Compatibility added for Apple Mac OS X 10.11.4:
  • This release supports the installation of Symantec Encryption Desktop on systems running Apple Mac OS X 10.9.5, 10.10.x, and 10.11.4. (Note that installation on systems running Mac OS X 10.8.5, 10.9, 10.9.1, 10.9.2, and 10.9.3 has been removed.)
  • Note: For more information about Symantec Encryption Desktop for Mac OS X support for Mac OS X 10.11.4, visit the Symantec Knowledgebase and search for article INFO3684.
  • Compatibility added for most Internet-standards-based email clients running on Mac OS X 10.9.5 to 10.10.5:
  • Symantec Encryption Desktop has been tested for compatibility with Apple Mail 8.x and 9.x, Microsoft Outlook 2011 for Mac, and Microsoft Outlook 2016 for Mac.

New in Symantec Encryption Desktop 10.3.1 Build 13100 (Nov 18, 2013)

  • Compatibility with Apple Mac OS X 10.8.2, 10.8.3, and 10.8.4

New in Symantec Encryption Desktop 10.3.0 Build 8741 (Mar 12, 2013)

  • What's New in Symantec Encryption Desktop 10.3
  • Symantec identity branding
  • The PGP product line has been renamed. For a detailed map of old product names to new ones, refer to the Symantec Knowledgebase article TECH197084.
  • Compatibility with Apple Mac OS X 10.8
  • This release supports installation of Symantec Desktop Encryption, formerly known as PGP Desktop, on systems running Mac OS X 10.8 (Mountain Lion).
  • Resolved Issues:
  • For a list of issues that have been resolved in this release, please go to the Symantec Knowledgebase and search for TECH166098, "Symantec Encryption Desktop Resolved Issues."

New in Symantec Encryption Desktop 10.2.0 Build 1672 (Aug 12, 2011)

  • Messaging:
  • Improvements have been made to annotations. In a PGP Universal Server-managed environment, your administrator can now specify where the email annotation will be, such as end of message rather than wrapped around the message.
  • You can now protect sent message copies for IMAP accounts (available for standalone installations only) to provide additional security so you can protect sensitive emails that you have sent using your IMAP account. Choose to Encrypt, Encrypt and Sign, or Sign Only messages as they are copied to your IMAP Sent Items mailbox.
  • In a managed environment, your PGP Universal Server administrator can set policy to enable you to decide if you want to perform signature verification on email messages. If enabled, a new button and/or menu option appears in your Microsoft Outlook or Lotus Notes email client. The button or option will be in the default state set by your administrator but you can choose to override this setting.
  • In a managed environment, your PGP Universal Server administrator may have specified certain PGP Notifier settings (for example, whether notifications are to be displayed or the location of the notifier).
  • X.509 certificates included in an S/MIME email message sent to you can now be imported to your key ring. The same settings you have specified when public keys are found apply to these certificates. If specified, PGP Desktop extracts and then imports the X.509 certificate to your keyring. If you want to encrypt email using imported certificates, be sure to manually sign the certificate.
  • In a managed environment, your PGP Universal Server administrator may have specified a setting so that additional information is included in the Non-Delivery Receipt when a message is blocked. If PGP Desktop is unable to find a key for one or more of the recipients in a group list, the email addresses are listed in the Error Details of the Non-Delivery Receipt.
  • PGP Portable
  • A link for More Info is now available on the PGP Portable dialog box displayed when you access data on the device. Your browser launches and the PGP Corporation Support site page is displayed.
  • You can now view available disk space and total size of the PGP Portable Disk once the disk has been mounted. When you move your cursor over the dock item for a few seconds, the PGP Notifier message appears and displays the mount status of the PGP Portable Disk as well as the updated disk space information.
  • PGP Whole Disk Encryption
  • AES-128 and AES-256 cipher algorithm for PGP Desktop for Mac OS X have been enhanced to improve performance of encryption and decryption times as well as disk access times for encrypted disks.
  • Enhancement to force the encryption of boot drives, by policy. This includes forcing encryption if policy changed (for example, you previously did not have to encrypt boot drives, and your administrator modified policy to require encryption).

New in Symantec Encryption Desktop 10.0.0 (Jun 1, 2010)

  • General:
  • New localized versions. PGP Desktop has been localized and can now be installed in French (France) and Spanish (Latin America).
  • PGP Universal Server connectivity. Increased resiliency of PGP Desktop when connectivity to the PGP Universal Server is dependent on a VPN connection or is otherwise intermittent.
  • Enrollment after installation. Following installation of PGP Desktop for Mac OS X, enrollment to the PGP Universal Server is initiated immediately after the user logs on to the Mac OS X system.
  • PGP Keys:
  • Enhanced Server Key Mode (SKM) keys. SKM keys now include the entire key on your keyring. In addition, SKM keys can now be used for encryption functions such as disk and file encryption and decryption, as well as decrypting MAPI email messages when you are offline.
  • Flexible key types. Adds the capability to handle asymmetric keys and certificates (such as X.509 and OpenPGP) as well as symmetric keys.
  • Key usage flags. Each subkey can now have its own key usage properties, so that one subkey could be used for PGP WDE only, and another could be used for all other PGP Desktop functions. Set the key usage of a key when you want to use a key for disk encryption only but you do not want to receive encrypted email using that key.
  • Universal Server Protocol (USP) key searches. The PGP Universal Services Protocol (USP) is a SOAP protocol operating over standard HTTP/HTTPS ports. This is now the default key lookup mechanism. If you are in a PGP Universal Server-managed environment, all key search requests as well as all other communications between the PGP Universal Server and PGP Desktop use PGP USP.
  • PGP Messaging:
  • PGP Viewer. Use PGP Viewer to decrypt and view legacy IMAP/POP/SMTP email messages.
  • Offline policy enhancements. In a managed environment, mail policy is now enforced even if you are offline and not connected to the PGP Universal Server or if the server itself is offline.
  • PGP Whole Disk Encryption:
  • Additional keyboard compatibility. Four new language keyboards have been added for support at PGP BootGuard. These are: English (US-International), Japanese (Japan), German (Germany), French (France), Spanish (Latin America), Spanish (Spain, ISO).
  • Full disk encryption support on Linux. PGP WDE for Linux provides full disk encryption with pre-boot authentication on Ubuntu and Red Hat. For more information, see the PGP Whole Disk Encryption for Linux Command Line Guide.
  • Force encryption enhancements. When your PGP Universal Server administrator changes policy to require that all disks be encrypted, the next time policy is downloaded to your system, the PGP WDE assistant is displayed so you can begin to encrypt your disk.
  • Extended ASCII character support. Extended ASCII characters can now be used when creating PGP WDE users.
  • Support added for Boot Camp. PGP Desktop for Mac OS X can now be used on systems where Boot Camp has been installed. For information on how to use Boot Camp with PGP Desktop, see the installation instructions.

New in Symantec Encryption Desktop 9.10.0 Build 500 (Apr 10, 2009)

  • The PGP Mail.App plugin has been removed from the installation package. This plugin is available from the PGP Corporation Knowledgebase.

New in Symantec Encryption Desktop 9.9.1 Build 287 (Jan 8, 2009)

  • General:
  • Improvements have been made to the content, accuracy, and formatting of the information displayed in the PGP Log. [10618]
  • Logging improvements eliminate memory and CPU usage when using debug-enabled logging. [18044]
  • User interface modifications further improves support for the Americans with Disabilities Act (ADA) standards for accessible design. [10909]
  • Improvements have been made to the user interface in PGP Desktop for Mac OS X, including dragging and dropping of keys. [18472]
  • Miscellaneous improvements have been made to the PGP Desktop for Windows user interface. [18496]
  • General improvements have been made to the localized (German and Japanese) text in the PGP Desktop user interface. [NBN]
  • Installation:
  • The PGP Desktop for Mac OS X Setup Assistant now allows the importing of keys with Japanese user IDs. [13151]
  • System Mac OS X HTTPS proxy settings are now fully supported, including authentication and bypass list. Simple wildcard and CIDR notation matching in the bypass list is also supported, for example: [18234]
  • PGP Desktop for Mac OS X can now be installed from the command line. [18448]
  • Users can now re-enroll on a second Windows system using a smart card. Note that the smart card must be inserted in the second system before proceeding through the Setup Assistant. [18596]
  • Resolved the issue where PGP Desktop for Mac OS X quit unexpectedly during the keyring setup summary process. [19776]
  • PGP Desktop on Windows Vista now properly updates all files when upgrading from version 9.7.1 to version 9.9.1. [18875]
  • PGP Messaging:
  • Resolved the issue where PGP Tray (on Windows systems) shut down unexpectedly when emailing an attachment larger than 8 MB. [16823]
  • Improvements have been made in the handling of file names that contain non-UTF-8 character sets (to improve compatibility with older versions of PGP Desktop). [18214]
  • Mail policies with Japanese names specified on the PGP Universal Server are displayed correctly in the policy displayed in PGP Desktop. [18343]
  • File names are no longer garbled when viewing sign-only messages in Microsoft Outlook Express on non-English systems. [18738]
  • Version information for clear-signed messages sent using PGP Desktop for Mac OS X now displays in English. [18762]
  • Improvements have been made when sending Lotus Notes email with a user's key located on a smart card. When prompted to encrypt and sign your email messages, type the smart card passphrase. If you cancel the process, you must re-insert the smart card. [18772]
  • If an email message is destined to a configured custom address space such as [FAX:00123456789], PGP Desktop now correctly sends the email message unencrypted. For more information on how to define this setting, refer to KB article 716 (https://support.pgp.com/?faq=589). [18009]
  • PGP Desktop now processes attachments with no file names, such as personal .gif signatures. [19004]
  • Enhancements have been made to PGP Messaging in the Lotus Notes environment to process and decrypt HTML signed-only messages that contain inline message in the email body, and to process and decrypt HTML messages with a large body of text. [19251, [19253]]
  • Improvements have been made to PGP Messaging when in the Lotus Notes environment to handle plaintext messages with a very small amount of text in the body. [19631]
  • If you cancel the passphrase prompt when trying to send an email message in OOMS (out of mail stream), the message is blocked and left encrypted in the Sent items folder. [18493]
  • PGP Desktop is now compatible with Sibelius 5 from Sibelius Software. [18806]
  • Enhancements have been made to PGP Messaging (MAPI) where updated content is resent if blocked email messages are modified. [19593]
  • If sending an email message with an empty body from a RIM BlackBerry device, the annotation is now displayed in Microsoft Outlook. [19137]
  • Improvements have been made to the PGP Messaging annotation headers for S/MIME formatted messages (the “- S/MIME” prefix is now added to the headers). [19639]
  • In a Lotus Notes environment, if the PGP Desktop license is expired or invalid, or the service is disabled, PGP Desktop now sends email messages in the clear. [19820]
  • For email messages that are signed by a revoked key, PGP Desktop continues decrypting and verifying the emails with an annotation indicating that the signer key is revoked. [19827]
  • PGP NetShare:
  • Various stability and functionality improvements have been made to PGP NetShare when bulk copying files into and out of protected directories. [18110, 18598, 18658]
  • This release resolves an incompatibility between PGP NetShare and Windows XP systems running McAfee Antivirus 8.5i. [18547]
  • PGP NetShare now correctly protects zero-byte files created by an application that has been defined for application-based encryption in the PGP Universal Server policy. [18759]
  • Resolved some stability issues related to using PGP NetShare with very large groups of users (for example over 200 users). [18624]
  • This release improves browsing of long lists of PGP NetShare-protected files in Windows XP Explorer. [19066]
  • PGP NetShare now has added support for the ReplaceFile Win32 function. This allows Microsoft Office 2007-protected files to keep their current protection credentials after the file is renamed. [18787]
  • Enhancements have been made to logging to always include the PGP NetShare folder location. [19139]
  • PGP NetShare now prevents an Admin user from being removed from a PGP NetShare-protected folder’s user access list. [19547]
  • Improvements have been made to the compatibility between PGP NetShare and EFS. Note that it is not recommended to use EFS together with PGP NetShare on the same folders. [19741, 19794]
  • Stability improvements have been made to PGP NetShare related to the PGP NetShare recent folder list displayed within PGP Desktop and various unusual directory hierarchies. [18830]
  • PGP Whole Disk Encryption:
  • Resolved issues with detecting removable media that prevented PGP Whole Disk Encryption from recognizing and using removable drives on some computer systems. [16743, 18412]
  • PGP Whole Disk Encryption WDRTs created and logged by pgpwde.exe are no longer considered legacy by the PGP Universal Server. [17449]
  • PGP Whole Disk Encryption is now compatible with the EMC RSA Smart Card 5200. [17661]
  • Improvements have been made to PGP WDE logging with pertaining to encrypted partitions. [17700, 18177]
  • Improvements have been made in detecting and displaying the names of removable drives. [17928]
  • Improvements have been made when using the Force Removable Encryption feature in conjunction with embedded policies. [17930]
  • Improvements have been made to the PGP WDE logging of users, and now includes key IDs. [18102, 18959, 18971]
  • The PGP WDE Admin key is correctly added to removable drives that are automatically encrypted per PGP Universal Server policy. [18133]
  • pgpwde.exe can again be used with disk images. [18159]
  • Removable drives that are automatically encrypted per policy are now encrypted to the proper encryption key when using PGP bundle keys. [18188]
  • A new WDRT is generated even in cases where the user cancels the new user assistant in PGP Whole Disk Encryption for Mac OS X. [18228]
  • This release improves PGP WDE for Windows resiliency when critical primary or secondary records are corrupted. [18359]
  • WDRT handling in PGP Universal Server-managed environments has been improved such that multiple users sharing a device are correctly represented on the PGP Universal Server. Situations where users are not currently correct are corrected automatically once those users log in. [18390]
  • PGP WDE now detects and encrypts all SD cards inserted in a built-in reader as removable disks. [18483]
  • When changing the PGP WDE Admin Key in PGP Universal Server policy, the current ADK now remains on the PGP Whole Disk Encryption User Access List. [18513]
  • PGP Whole Disk Encryption no longer allows a disk to be encrypted if the PGP Universal Server cannot be contacted and Whole Disk Recovery Tokens are enabled. [18627]
  • All users on a system are properly added to the PGP WDE user access list regardless of the order in which the users logged on to the system. [18641]
  • PGP Whole Disk Encryption for Mac OS X can now encrypt case-sensitive, journaled drives. [18786]
  • PGP Whole Disk Encryption for Mac OS X no longer allows non-journaled disks to be encrypted. [18918]
  • PGP Whole Disk Encryption no longer removes the ADK from the user access list when you are not using the WDE Admin Key. [18907]
  • Stability improvements have been made when encrypted USB disks are attached on German Windows systems. [18916]
  • PGP Whole Disk Encryption now pauses the encryption process when encountering very rare unexpected errors during encryption. [18923]
  • PGP Whole Disk Encryption for Mac OS X no longer starts to decrypt a disk automatically if an unlicensed user logs in to the system after authenticating at the PGP BootGuard screen. [18995]
  • PGP Whole Disk Encryption for Mac OS X now displays the progress of the recovery operation when using the pgpwde "recover" command from the command line. [19058]
  • PGP Whole Disk Encryption for Mac OS X now allows users to re-enroll when the PGP Universal Server policy is set to automatically encrypt the boot disk. [18949]
  • Resolved the issue where PGP Desktop for Mac OS X could not encrypt the disk on some systems because the com.apple.Boot.plist file was missing. This file is now installed if it is missing from the user’s system. [18966]
  • The pgpwde command to list users now properly includes user’s names when the output is redirected to a file. [19049]
  • PGP Whole Disk Encryption for Mac OS X now correctly follows Whole Disk Encryption permissions when the disk is fully encrypted. [19186]
  • On Mac OS X systems that are encrypted with PGP WDE, you cannot remove PGP WDE by reinstalling the product. To remove PGP WDE, you must decrypt the disk and then reinstall PGP Desktop. [19192]
  • On certain hardware, PGP Desktop may have trouble recognizing smart cards/tokens used for WDE due to conflicts with USB keyboards. This may be resolved by excluding certain USB Host Controllers from probing at boot time. More information can be found in PGP Knowledgebase Article #1087 (http://support.pgp.com/?faq=1087). [16926]
  • PGP BootGuard no longer displays the "disk locked" message after authenticating with an incorrect password when the disk was encrypted with a TPM or token user only. [17974]
  • Revised the text displayed when an unsupported keyboard is used at PGP BootGuard so that it now directs the user to the documentation. There are now too many supported keyboards to list in the message. [18435]
  • PGP Whole Disk Encryption with SSO is now compatible with IBM ThinkVantage Access Connections software. [18494]
  • Resolved the issues in PGP WDE-only deployments where GKM or SCKM keys are specified per policy. [19657]
  • PGP Whole Disk Encryption for OS X now allows the use of the WDRT for decryption when specified as the passphrase when the --decrypt option of the pgpwde command line utility is used. [19755]
  • For the Japanese version of PGP Whole Disk Encryption, additional characters that are not accepted at PGP BootGuard are ` and ~. [18871]
  • PGP Whole Disk Encryption now adds the ADK to PGP WDE-encrypted disks when upgrading clients in a managed environment. [18457]
  • PGP Keys:
  • Improvements have been made to setup and enrollment when using CAPI-based keys. [18088]
  • PGP Desktop now signs the PGP Universal Server Organization key during enrollment when using CAPI-based PGP Bundle keys. [18189]
  • Improvements have been made to the user interface when generating a new key on PGP Desktop for Mac OS X. [18354]
  • This release improves enrollment that uses existing CKM or GKM keys that have different topkey and subkey passphrases. [18723]
  • Key-specified ADKs are now enforced for keys that are searched and found on keys. keyservers. [18761]
  • The X.509 certificate import wizard now caches the passphrase of newly-created bundle keys. The Setup Assistant no longer prompts the user to enter a passphrase for the key. [16246]
  • Generating CKM keys on Aladdin eTokens no longer results in a "bad passphrase" error. [18884]
  • Added support for the Gemalto .NET v2 smart card for post-boot operations. [19757]
  • Based on customer feedback, changes have been made to some of the key reconstruction questions. [18342]
  • PGP Zip:
  • UNC paths now can be used when creating PGP Zip archives. [18401]

New in Symantec Encryption Desktop 9.9.0 Build 397 (Aug 27, 2008)

  • Introduces Whole Disk Encryption, with pre-boot authentication.

New in Symantec Encryption Desktop 9.8.0 Build 2158 (Feb 8, 2008)

  • Localized for German and Japanese: PGP Desktop for Mac OS X is available in German and Japanese.