Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2026-06-15 09:06:08 -05:00
Code Activity

Document system favorite VHD startup limitation

Browse Source 
Clarify that Windows startup-managed VHD/VHDX files, including Dev Drive backing images, cannot live on system favorite volumes because they are accessed before those volumes are mounted.

Document that native-boot VHD/VHDX files also cannot live on system favorite volumes and remain subject to the existing VeraCrypt pre-boot authentication limitation for operating systems installed within VHD/VHDX files.

Mention a delayed/retrying attach workaround for non-boot-critical VHD/VHDX files after VeraCryptSystemFavorites mounts the host volume.

Closes #1605.
This commit is contained in:
Mounir IDRASSI
2026-05-25 15:41:49 +09:00
parent 5bd9277970
commit 0d86b9b3e6
4 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
doc/html/en/Issues and Limitations.html
+2 -1
View File
@@ -62,7 +62,8 @@ In such situations, the issue can be solved by disabling VeraCrypt waiting dialo
by selecting <em>System</em> &gt; <em>Mount Without Pre-Boot Authentication,</em> is limited to primary partitions (extended/logical partitions cannot be mounted this way).
</li><li>Due to a Windows 2000 issue, VeraCrypt does not support the Windows Mount Manager under Windows 2000. Therefore, some Windows 2000 built-in tools, such as Disk Defragmenter, do not work on VeraCrypt volumes. Furthermore, it is not possible to use the Mount
Manager services under Windows 2000, e.g., assign a mount point to a VeraCrypt volume (i.e., attach a VeraCrypt volume to a folder).
</li><li>VeraCrypt does not support pre-boot authentication for operating systems installed within VHD files, except when booted using appropriate virtual-machine software such as Microsoft Virtual PC.
</li><li>VeraCrypt does not support pre-boot authentication for operating systems installed within VHD/VHDX files, except when booted using appropriate virtual-machine software such as Microsoft Virtual PC.
</li><li>VHD/VHDX files that Windows must attach automatically during startup, including Dev Drive backing VHDX files, cannot be stored on system favorite volumes because these volumes are mounted only after the earlier Windows boot and storage initialization phases have already started. Store such non-boot VHD/VHDX files on the encrypted system partition/drive or on another partition within the key scope of system encryption. Native-boot VHD/VHDX files also cannot be stored on system favorite volumes; they remain subject to the preceding limitation on pre-boot authentication for operating systems installed within VHD/VHDX files. For VHD/VHDX files that are not required for boot or early Windows startup, disable Windows automatic attachment and attach them later using a delayed/retrying startup task or a service that depends on the <em>VeraCryptSystemFavorites</em> service. This workaround is not suitable for native-boot VHD/VHDX files or any other file that Windows must access before services can run.
</li><li>The Windows Volume Shadow Copy Service is currently supported only for partitions within the key scope of system encryption (e.g. a system partition encrypted by VeraCrypt, or a non- system partition located on a system drive encrypted by VeraCrypt, mounted
when the encrypted operating system is running). Note: For other types of volumes, the Volume Shadow Copy Service is not supported because the documentation for the necessary API is not available.
</li><li>Windows boot settings cannot be changed from within a hidden operating system if the system does not boot from the partition on which it is installed. This is due to the fact that, for security reasons, the boot partition is mounted as read-only when the