Due to additional security measures, we have implemented Multi-Factor Authentication (MFA) on this Support Portal. Please log in using your registered email ID or phone number. In case of any difficulty, kindly reach out to Seqrite Support by emailing us at "support@seqrite.com".
  1. Home
  2. Solutions
  3. Knowledge Base Article
  4. Windows 10 Update (19H2) – Precautionary Measures

Windows 10 Update (19H2) – Precautionary Measures

02-04-2020 10:27:39

Overview:

This is the precautionary measure and Windows update information for the volumes that are encrypted with Seqrite Volume Encryption.

What will happen if Windows update is carried out without taking appropriate precaution by SEM for the encrypted volumes?

When the Windows update (19H2) is deployed on any BIOS-based computer using MBR, the computer may hang. Following things may occur while performing such update without any changes to the encrypted volume using SVE:

1. When the update starts, computer will ask for update restart and SEM pre-boot will be prompt.

2. In the process, the 1st restart will trigger at 30 % of upgrade completion.

3. Again computer pre-boots and completes the upgrade upto 75 %.

4. Again the computer restarts and displays the pre-boot prompt for the password.

5. After receiving the correct password, BSOD ( UNMOUNTABLE BOOT VOLUME ) is visible. Then the computer goes into recovery mode.

Precautionary Measures

You can use the SEM policies as precautionary measures before updating to the Windows (19H2).

Precaution 1: If the policy is set as Encrypted, then follow these precautionary steps:

1. Log on to SEM console.

2. Click Seqrite Volume Encryption :Encryption Policies.

3. Click that policy where the Fix drives column action is selected as Encrypt.

4. In Edit Policy dialog box, clear the Encrypt volumes without driver letter (mount points) check box. See the screen shot below.

5. Repeat 3rd and 4th steps for all the policies where the Fix drives column action is selected as Encrypt.

6. Update the Windows OS.

7. After updating Windows, again go to that policy where the Fix drives column action is selected as Encrypt. In Edit Policy dialog box, again select the Encrypt volumes without driver letter (mount points) check box.

Precaution 2: If the policy is set as Manage Locally, then follow these precautionary steps:

If Manage Locally policy is applied, then before the Windows update, first decrypt the mount point. After the update, again encrypt the mount point.

1. Open Seqrite Volume Encryption.

2. If the System Reserved(Mount point) is encrypted, then right-click the encrypted volume (mount point) and select Decrypt Volume.

3. Click Yes.

4. Enter the password and click OK.

5. Decryption starts

6. After decrypting the volume, click OK.

7. Update the Windows.

After completion of Windows update, encrypt the System Reserved (Mount point ) volume by following these steps.

8. Open Seqrite Volume Encryption.

9. Right-click the System Reserved (mount point) volume and select Encrypt Volume.


10. Enter password and click OK.

11. Allow the encryption to complete.

12. Click OK.

In case of any query or required assistance, you may raise ticket on below link so our Technical Support Team can assist you to resolve your query.

http://esupport.seqrite.com/support/tickets/new