The developers of the open source encryption software VeraCrypt have released VeraCrypt 1.26.14 for all supported platforms. The new version adds a notification if volumes are affected by the XTS master key vulnerability.
The issue was fixed last year in VeraCrypt 1.26.7, but only for newly created volumes. While unlikely even then, the newly added notification ensures that users are informed if one of their encrypted volumes are still affected by the vulnerability.
Installation or upgrade
The new release installs over existing installations. This should not be problematic for most users. A system restore point is created by default during the installation. Note that a restart is required to complete the process. You cannot mount volumes until the final restart.
VeraCrypt 1.26.24 does not mount TrueCrypt volumes anymore. This was the case for last year’s release as well, but is still noteworthy.
If you still have an old TrueCrypt volume, e.g., on a removable drive you have not touched for years, you may want to use an earlier version of VeraCrypt to decrypt the encrypted volume before you encrypt it again using the software.
Note that you may download older VeraCrypt versions from the official project website. VeraCrypt 1.25.9 was the last to support TrueCrypt volumes.
An overview of the changes of VeraCrypt 1.26.14
The update is a bug fix release for the most part. It does come with updated translations and documentation as well as some compatibility improvements on non-Windows systems.
Here is a short list of the most important changes and fixes:
- Windows: VeraCrypt Expander: Fix expansion of volumes on disks with a sector size different from 512.
- Linux: Enhance ASLR security of generic installer binaries by adding linked flag for old GCC version.
- macOS: Fix near zero width PIM input box and simplify wxTextValidator logic.
- FreeBSD: Support automatic detection and mounting of ext2/3/4, exFAT, NTFS filesystems.
You can check out the full changelog here. As you can see, it is mostly maintenance related changes and a fix bug fixes.
Closing Words
Still, it is a good idea to upgrade to the new version because of these fixes and the notification if one of the volumes has a vulnerable XTS master key.
Now You: do you use encryption software? Maybe even VeraCrypt? Or do you swear on a different software? Feel free to leave a comment down below!