Advisory: Accidental overwrite of a SafeGuard LAN Crypt key can occur under specific circumstances, preventing access to data. Patch now available.

  • Article ID: 113822
  • Updated: 02 Dec 2015

We strongly recommend that you install the available patch in order to avoid the possibility of this issue occurring.


It is possible to accidentally overwrite the key value of an existing LAN Crypt key when you are making changes to the key. If this does occur, you will no longer be able to use the key to decrypt files. However, this issue only affects keys that are not currently attached to a rule.

ALL of the following conditions must be true in order for this issue to occur:

  • The modification of the key is done by a security officer who does not have the global permission Create Profiles.
  • The modification of the key is done using the Administration GUI.
  • The short name of the key is exactly 16 characters long.
  • The key has a key value.
  • The key is currently not used in an encryption rule (but may have been used before).

Note the following:

  • Modifications of keys by an MSO are not affected at all.
  • Modifications of keys via the API are not affected.

Applies to the following Sophos product(s) and version(s)
SafeGuard LAN Crypt Administration 3.61

Operating system(s)
All supported operating systems

What to do

In order to avoid the possibility of the above issue occurring, you should install the available Patch 3.61.4.

For more information, please read the Release Notes 3.61.4.

If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent