PGP Disk Encryption Bricks Upgraded Macs

Some Apple Mac users who rushed to upgrade their systems with the company's latest security patch were left to scramble for help after a conflict with disk encryption software from PGP rendered the upgraded Macs un-bootable. 

Reports of users who were unable to boot their Macs after upgrading their Mac OS X systems to the 10.6.5 version began appearing in PGP support forums on Wednesday.

"Do NOT apply 10.6.5 if you are running PGP FDE on Mac.  Myself and at least one other person I know of directly can no longer boot," wrote a PGP Forum member using the name GeorgeStarcher on Wednesday afternoon.  

That message was followed by those from other users, also reporting "bricked" unbootable Macs following the upgrade. 

"I can also verify that 10.6.5 bricked my WDE Macbook Pro. It's frozen at the boot screen. Looks like a wipe and reinstall is necessary," posted a user with the handle Static416.

By Wednesday evening, PGP - now a division of Symantec Corp. - had posted an alert warning customers using its Mac Whole Disk Encryption (WDE) product not to upgrade. 

"MAC WDE customers should not apply the recent Mac OS X 10.6.5 update. Compatibility issues may prevent the system from successfully booting. We will provide a detailed update as soon as a solution has been identified," the post, signed PGP Technical Support, read.  

PGP WDE customers who need to upgrade were advised to first decrypt their drive, apply the 10.6.5 update and then re-encrypt it, PGP said. Symantec has not yet responded to a request for comment from Threatpost.

By Thursday, the SANS Internet Storm Center was warning its readers to beware of issues with PGP WDE when upgrading to 10.6.5.

Questions about whether users needed to decrypt their drives before applying the patch were raised prior to the release of the upgrade on Wednesday, without clear guidance from PGP.

Pre-release versions of the 10.6.5 update have been available to Apple development partners for weeks. It is not clear whether PGP tested its WDE product on those prior to the official release on Wednesday, or whether a last minute change to 10.6.5 caught the company by surprise. 

The lack of clear communication from PGP clearly irritated customers. 

"Can confirm it as well. Absolutley (sp) pathetic support. It would have taken 5 mins to find this. What are the alternatives to pgp?" posted a user with the handle prquinlan to the PGP support site.

While no company-sanctioned workaround has yet been posted, users note that a PGP document on recovering encrypted data from drives using the OSX version of  its whole disk encryption product does provide instructions on recovering from boot issues with encrypted disks that were successful in allowing customers who upgraded to recover their drive. That document is available here. (PDF)

Commenting on this Article is closed.