Download Latest Version
VeraCrypt_1.26.24_Source.tar.bz2 (37.4 MB)
Get an email when there's a new version of VeraCrypt
Changes between 1.24-Update2 and 1.24-Update3 (21 December 2019) :
- Linux:
* Fix console-only build to remove dependency on GTK that is not wanted on headless servers.
Changes between 1.24-Hotfix1 and 1.24-Update2 (16 December 2019) :
- All OSes:
* Clear AES key from stack memory when using non-optimized implementation. Doesn't apply to VeraCrypt official build (Reported and fixed by Hanno Böck)
* Update Jitterentropy RNG Library to version 2.2.0
* Start following IEEE 1541 agreed naming of bytes (KiB, MiB, GiB, TiB, PiB).
* Various documentation enhancements.
- Windows:
* Fix possible local privilege escalation vulnerability during execution of VeraCrypt Expander (CVE-2019-19501)
* MBR bootloader:
- workaround for SSD disks that don't allow write operations in BIOS mode with buffers less than 4096 bytes.
- Don't restore MBR to VeraCrypt value if it is coming from a loader different from us or different from Microsoft one.
* EFI bootloader:
- Fix "ActionFailed" not working and add "ActionCancelled" to customize handling of user hitting ESC on password prompt
- Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory.
* Fix multi-OS boot compatibility by only setting VeraCrypt as first bootloader of the system if the current first bootloader is Windows one.
* Add new registry flags for SystemFavoritesService to control updating of EFI BIOS boot menu on shutdown.
* Allow system encrypted drive to be mounted in WindowsPE even if changing keyboard layout fails (reported and fixed by Sven Strickroth)
* Enhancements to the mechanism preserving file timestamps, especially for keyfiles.
* Fix RDRAND instruction not detected on AMD CPUs.
* Detect cases where RDRAND is flawed (e.g. AMD Ryzen) to avoid using it if enabled by user.
* Don't write extra 0x00 byte at the end of DcsProp file when modifying it through UI
* Reduce memory usage of IOCTL_DISK_VERIFY handler used in disk verification by Windows.
* Add switch /FastCreateFile for VeraCrypt Format.exe to speedup creation of large file container if quick format is selected.
* Fix the checkbox for skipping verification of Rescue Disk not reflecting the value of /noisocheck switch specified in VeraCrypt Format command line.
* check "TrueCrypt Mode" in password dialog when mounting a file container with .tc extension
* Update XML languages files.
- Linux:
* Fix regression causing admin password to be requested too many times in some cases
* Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck)
* Make sure password gets deleted in case of internal error when mounting volume (Reported and fixed by Hanno Böck)
* Fix passwords using Unicode characters not recognized in text mode.
* Fix failure to run VeraCrypt binary built for console mode on headless machines.
* Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
* Add CLI switch (--use-dummy-sudo-password) to force use of old sudo behavior of sending a dummy password
* During uninstall, output error message to STDERR instead of STDOUT for better compatibility with package managers.
* Make sector size mismatch error when mounting disks more verbose.
* Speedup SHA256 in 64-bit mode by using assembly code.
- MacOSX:
* Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
* Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck)
* Fix passwords using Unicode characters not recognized in text mode.
* Make sector size mismatch error when mounting disks more verbose.
* Speedup SHA256 in 64-bit mode by using assembly code.