Page MenuHome GnuPG

GpgOL: Handle CreateProcess errors caused by Microsoft Defender Enterprise
Open, WishlistPublic


There have been two reports now from users that the configuration dialog cannot be opened and that decryption of messages failed. The underlying cause is a Microsoft Defender rule that blocks CreateProcess calls. I believe it is

In this case we should handle the error and probably show a MessageBox with at least some information pointing administrators to the possible source of the problem. GpgOL uses GPGME Spawn Engine for that and the decryption failure with Unsupported Protocol also comes from GPGME so maybe GpgME's w32-io spawn would be the best place for such an error handling. Though we need to check which return code occurs in case of such a blockage.

Event Timeline

aheinecke triaged this task as Wishlist priority.Feb 14 2023, 9:27 AM
aheinecke created this task.

I have seen that the rule is honoring the exclusions of Microsoft Defender but I do not know if one would need to exclude gpgol.dll or the gpgolconfig.exe / gpg.exe in this case.