Mounir IDRASSI

I signed the EFI bootloader for 1.26.29 last month and there was no issue. My reading of MSFT requirement is the 12 months window is at minimum associated to their announcement date in order to allow proper organization of such audit (you cannot just order an audit for next month!). So, the deadline seems to be around end of 2026 (maybe November). Not sure how this will play out. Such requirement rises the bar significantly.

@davidxanatos: This will be a problem when Microsoft start enforcing it (maybe by end of 2026). We can't use SHIM so a security audit will be needed. Only solution is to ask for sponsoring to pay for the audit like what OSTIF did when they sponsored QuarksLab audit of VeraCrypt.

@sieban: Thanks for the kind words. I wanted to let you know that have uploaded Windows installers for 1.26.29 containing the latest changes/fixes to https://sourceforge.net/projects/veracrypt/files/VeraCrypt%201.26.29/Windows/ I'm finalizing the packages for other OSes before formal public release.

Thanks. yes, I tested with a hidden volume using around 100 GiB of data.

@chrissyco You can definitely overwrite existing hidden volume using direct mode in VeraCrypt Format wizard. It will not cause any issues. Thank you for the new test, I guess you used the latest 1.26.29. I'm starting to wonder if it is the hidden volume who is causing the issue. If using single AES with hidden volume causes corruption, then it is the culprit. I'm still puzzled though.

Thank you for bringing this up. I completely missed you analysis for 1.26.27 Beta, this is no good :-( I'm working on a fix because this issue can cause really problems for users. The introduction of Argon2 had many side effects that I discover little by little. That's why I added the Cancel button the waiting dialog because entering wrong password by accident with custom PIM that is large in autodetection mode caused very long waiting time driven by Argon2.

I have tested with a file container and still no issue on my side with update KB5094126 installed. One point: on my machine, I use a third-party Antivirus instead of Microsoft Defender. Not sure if this can have an effect. For anyone affected, please run the following commands in Windows PowerShell while the affected VeraCrypt volume is mounted. Replace $ProblemFile with the path of one executable inside the volume that triggers the warning. Get-CimInstance Win32_LogicalDisk -Filter "DeviceID='Q:'"...

Re-bonjour, So, I have installed the update on a Windows 11 25H2 PC and I can't reproduce your issue with a hidden volume I had stored on a disk (not file container). Next I will create a file container with hidden volume on another Windows machine that doesn't have the update, put data on it and then open it on the updated Windows PC.