Dell Encryption Console breaks after installing March 2019 Windows Update

Following the latest round of updates from Microsoft, the Dell Encryption Console used for securing data on enterprise-deployed laptops stops working, but data remains secure.

Microsoft BitLocker: Built-in encryption for your Windows PC

Users of Dell Encryption Services are likely to face confusion after installing the March 2019 Patch Tuesday round of updates from Microsoft, as a conflict between the Dell Encryption Console and security updates for Windows prevents the program from working correctly.

According to a Dell bulletin on the issue:

The March 2019 Cumulative update is preventing the Dell Encryption Local Management Console from properly communicating to services that provide the encryption status of the device. This has been seen to cause issues with end-user prompts and is leading to various User Interface components to not properly launch or display information. Due to these UI display issues, Opt-In (Deferred Activation) and Server Encryption will not prompt for activation data when the March 2019 Update is installed on an endpoint with Dell Encryption.

This causes the Encryption Console to claim that the system in question is uninitialized and unmanaged, which would naturally raise concerns with users seeking to secure their data. This issue has been observed on Windows 10, 8.1, and 7, as well as Windows Server 2016.

SEE: Encryption policy (Tech Pro Research)

Fortunately, the underlying encryption service is running correctly, and data is not compromised as a result of the issue. Users can verify that the service is activated by checking for the associated "DCID" key in Windows Registry, located at:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CMGShield

Users of Dell Encryption Services can update to version 10.2.1 to correct the encryption state reporting issue.

For more on ensuring encryption works on your system, check out Why the encryption on your SSD in Windows 10 may be failing, and How to create an encrypted vault with KDE Vaults.

Also see