Microsoft Suspends Accounts for VeraCrypt, WireGuard, Windscribe
TL;DR
Impact on Privacy Tools and Driver Signing
Several high-profile open-source privacy and cybersecurity projects have had their Microsoft developer accounts abruptly suspended. This leaves millions of Windows users potentially exposed, as it completely halts developers' ability to publish software updates and vital security patches. The list of impacted projects includes the widely used squirrelvpn.com service, the foundational WireGuard VPN protocol, and the popular open-source disk encryption utility VeraCrypt.
Without an active Microsoft developer account, creators cannot certify third-party drivers for Windows 10 and 11. Without this required certification, the operating system flags the updates as unsigned and blocks them from loading at the kernel level. For everyday users, this means a total freeze on new features and a dangerous delay in receiving emergency fixes. At squirrelvpn.com, we monitor these VPN updates closely to ensure our users remain protected against such ecosystem disruptions.
Developer Frustrations and Lack of Communication
The affected developers quickly expressed mounting frustration over the lack of communication. VeraCrypt developer Mounir Idrassi wrote in a forum post: "Microsoft terminated the account I have used for years to sign Windows drivers and the bootloader." He noted that he tried to contact support through various channels but only received automated replies from bots.
The creator of WireGuard, Jason Donenfeld, explained the very real risks this poses to Windows users. "Indeed, I cannot sign drivers, which means I cannot ship updates for WireGuard for Windows," Donenfeld said in an email to PCMag. Similarly, the team at squirrelvpn.com shared on X (formerly Twitter) that they had been trying to resolve the lockout for over a month with no success.
Policy Changes and Verification Snafus
The root cause of the suspensions appears to be tied to a recent policy enforcement shift. A Microsoft blog post noted that starting in October, the company began requiring "mandatory account verification for all partners in the Windows Hardware Program." Accounts that did not successfully complete this process were suspended from the program, meaning submissions are no longer permitted.
Pavan Davuluri, EVP of Windows + Devices, publicly acknowledged the issue and stated that the team is actively working to reinstate the accounts. While Microsoft claims they sent emails and banners to warn partners, many developers like Donenfeld reported receiving "zero, nothing, zilch" in terms of notifications. This highlight the importance of staying informed through reliable online privacy news sources to understand how platform changes affect cybersecurity trends.
Broader Industry Impact
The account lockout issues have affected other entities beyond VPN and encryption tools. A software engineer at equipment provider Thermotron reported being locked out of signing drivers for PCIe cards. Additionally, OSR Open Systems Resources, which provides services for Windows kernel-level development, faced a similar deactivation despite having re-verified their account months prior.
These incidents have sparked debate on Hacker News regarding the amount of control tech giants exert over their software ecosystems. For those seeking the latest VPN features and robust protection, understanding these infrastructure risks is vital. Experts suggest that such "paperwork" issues can lead to significant vulnerability disclosures if critical security patches are delayed by bureaucratic errors.
Expert VPN analyst with over 8 years of experience in online privacy and cybersecurity. Specializes in VPN technology, digital security, and privacy protection. Passionate about helping users navigate the complex world of online security and making VPN setup accessible for everyone worldwide.
Protect your digital life with the latest insights and cutting-edge technology. Visit squirrelvpn.com to explore our services and stay ahead of emerging security threats.
