VeraCrypt developer Mounir Idrassi says Microsoft has locked the account he used to sign Windows drivers and a bootloader, potentially affecting the ability of Windows PCs encrypted with the software to boot. The situation highlights how platform operators can affect third-party software distribution, even when the software itself is open-source.
What Happened
In an online post dated March 30, VeraCrypt developer Mounir Idrassi stated that Microsoft “terminated the account I have used for years to sign Windows drivers and the bootloader,” according to TechCrunch. Idrassi said he received no explanation and no ability to appeal the decision. He also said attempts to contact Microsoft did not connect him with a human representative.
Because Microsoft requires developer accounts to re-verify the security of their software, Idrassi warned that “many devices running VeraCrypt will soon be unable to boot if the issue is not resolved,” as reported by TechCrunch.
Technical Context
VeraCrypt is an open-source encryption tool that allows users to encrypt individual files or an entire operating system and user data to protect against pre-bootup attacks. According to TechCrunch, the latest Windows version of VeraCrypt, published in May 2025, shows the software’s installer file at almost a million downloads since release.
The reported issue is not about the strength of the encryption itself, but rather whether Windows systems can complete the boot process after updates or when signing-related verification changes occur. The distribution and signing layer could determine whether users can maintain bootable systems.
Current Status for Users
Idrassi told TechCrunch that for affected users “there is nothing special to do for now” and that “VeraCrypt will continue to work,” with “no security issues identified currently.” He noted that he can push new updates to Linux and macOS users without restriction, while Windows users “cannot currently receive updates,” according to TechCrunch.
Broader Implications
The situation illustrates how platform operators maintain considerable control over third-party applications distributed on their platforms. Developer accounts can be revoked under rules that may change at any time, creating potential risks for users who depend on third-party software maintenance and updates. If similar account restrictions affect other security tools, it could raise questions about update continuity and boot access across the software ecosystem.
Source: TechCrunch