IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

Approved USB device is triggering a block after entering the Bitlocker password

Approved USB device is triggering a block after entering the Bitlocker password

Version

7.2.x.

 

Issue

Approved USB device is triggering a block after entering the Bitlocker password, but the device is accessible for write after acknowledging the Bit9 notifier.

 

Symptoms

Removable device setting on the policy has Active to block Write action on Unapproved Removable Devices. Ntoskrnl.exe gets a block when using Bitlocker on an approved USB device.

 

Solution

Create a custom rule

Rule type: Advanced

Operation: Write

Write Action: Allow

Path: \device\harddiskvolume*

Process ntoskrnl.exe

Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎01-16-2015
Views:
1235
Contributors