The developer of the widely known file encryption software VeraCrypt has issued a warning to Windows users about potential boot-up issues following the locking of his Microsoft account. Mounir Idrassi, the developer, disclosed in an online post that Microsoft has terminated his account, which he has relied on for years to sign Windows drivers and the bootloader.
Idrassi stated that he received no explanation for the account termination or any opportunity to appeal the decision. Attempting to reach Microsoft for assistance, he found himself unable to contact a representative directly. The implications of this situation are significant; Microsoft mandates that developer accounts like Idrassi's undergo re-verification to ensure the security of their software. Consequently, he expresses concern that many devices utilizing VeraCrypt may soon face boot issues if the matter is not rectified.
VeraCrypt is an open-source encryption tool that enables users to secure files on their computers through password protection, or by encrypting the entire operating system to prevent unauthorized access. The latest version of VeraCrypt, released in May 2025, has garnered nearly a million downloads, highlighting its popularity among users.
This incident underscores the considerable power tech companies wield over applications distributed through their platforms. Users can encounter significant risks when relying on third-party developers to maintain accounts that can be terminated without notice. Although Idrassi can still provide updates for Linux and macOS users, the majority of his user base on Windows is currently unable to receive updates.
Despite the current situation, Idrassi reassured affected users that there are no immediate actions required, as VeraCrypt will continue to function. However, he warned that those who have enabled full disk encryption may begin to experience boot issues starting around late June. He explained that Microsoft plans to revoke the certificate authority used to digitally sign VeraCrypt software, a necessary step to prevent malware from altering the software.
"Users who have enabled system encryption with VeraCrypt may face boot issues after July 2026 due to the revocation of the certificate authority used for the VeraCrypt bootloader," Idrassi stated. He added that without access to the Microsoft account necessary for signing software updates, he would be unable to apply the required new signature to VeraCrypt, potentially making it impossible for users to boot their systems.
Idrassi emphasized the severity of the situation, claiming, "If the issue is not resolved by then, it would essentially mean a death sentence for VeraCrypt." This case reflects a broader trend of companies terminating online accounts without prior warning. Earlier this year, another developer, Paris Buttfield-Addison, faced a similar predicament when locked out of their Apple account after redeeming a possibly fraudulent gift card from a major retailer. Buttfield-Addison ultimately regained access to their account after the situation gained public attention.
This alarming situation serves as a reminder of the vulnerabilities that can arise from reliance on centralized platforms and the critical need for developers to maintain access to their accounts to ensure continued service for their users.
Source: TechCrunch News