Version

7.2.x.

Issue

Approved USB device is triggering a block after entering the Bitlocker password, but the device is accessible for write after acknowledging the Bit9 notifier.

Symptoms

Removable device setting on the policy has Active to block Write action on Unapproved Removable Devices. Ntoskrnl.exe gets a block when using Bitlocker on an approved USB device.

Solution

Create a custom rule

Rule type: Advanced

Operation: Write

Write Action: Allow

Path: \device\harddiskvolume*

Process ntoskrnl.exe