The author of the VeraCrypt disk partition encryption system has issued a warning to users regarding Microsoft’s decision to block his account, which is used to digitally sign VeraCrypt assemblies for Windows. This action has prevented the publication of a new release of VeraCrypt for Windows. The key that signed the latest release of VeraCrypt 1.26.24 is set to expire in June, after which the VeraCrypt driver may be blocked by secure boot mode.
The blocking of the account occurred abruptly, without prior warning or the opportunity to file an appeal. The only reason provided was the failure of the organization to comply with verification requirements, with no further clarification on Microsoft’s specific concerns. Despite efforts to contact Microsoft, the author of VeraCrypt received only automated bot responses.
The author of the VPN WireGuard has also spoken out about Microsoft’s account blocking, stating that his account for creating releases for Windows has also been blocked. Similar to VeraCrypt, the developer received no warnings – upon attempting to create a signature for a WireGuard update, the author discovered his account was blocked. The appeals process can take up to 60 days with an unpredictable outcome. This situation may hinder the author’s ability to swiftly address critical vulnerabilities in WireGuard for Windows. Interestingly, Microsoft utilizes WireGuard in its Azure Kubernetes Service product.