VampireFox5 - 2019-11-20

Greetings,

I'm moving back to Windows from Linux so I've only had experience with LUKS when it comes to disk encryption. I have a few questions before I start using it. So I understand that Veracrypt can be used in UEFI mode however only the C Drive can be encrypted which makes sense. I know that the Windows installation using UEFI creates two other partitions the "Recovery OEM Partition" and the "EFI System Partition" which I assume is also known as the boot partition.

  1. Are there any concerns to be aware of when using Veracrypt in UEFI due to these other two paritions? What I mean is are there any data leaks among other things?

  2. When I do a fresh install of Windows the first thing I do is install all of the updates, drivers for the system and my AV software of choice. Is it ok to do so before downloading and installing Veracrypt? I'm asking this because on Linux you set up encryption upon using the installer.

  3. Does Veracrypt defend against an Evil Maid Attack in anyway?

  4. Lastly what happens when I need to install system/driver updates? I know that Microsoft releases both security and feature updates every so often although now the feature updates are sent out more like service packs instead of full blown upgrades which is nice.

Please forgive me I'm a total noob when it comes to Veracrypt, but I greatly appreciate any help as well as knowledge. Thanks a lot!