Redmond, Washington, April 9, 2026, 06:12 (PDT)
Microsoft on Thursday said it’s moving to restore access for the developers of WireGuard and VeraCrypt after a sweep through its Windows Hardware Program cut them off from pushing Windows updates. “Should be fixed in a bit,” Microsoft vice president Scott Hanselman posted. VeraCrypt’s Mounir Idrassi said he’s now in touch with the right folks at Microsoft. X (formerly Twitter)
This disruption hits developers who rely on Microsoft’s code-signing pipeline—the cryptographic gatekeeper for Windows drivers and boot software—every time they need to push out low-level updates. If verification fails, Microsoft’s own Partner Center docs warn it can bring driver code signing and hardware submissions to a halt, turning what starts as an account snag into a full-blown patch delivery headache.
Back in October, Microsoft flagged to Windows Hardware Program partners that accounts unverified since April 2024 would face fresh verification checks, with a 30-day window before possible suspension. Pavan Davuluri, executive vice president for Windows and Devices, said the company relied on “emails, banners, reminders” to get the word out. After pushback from developers claiming they hadn’t seen any alerts, Davuluri said Microsoft will take another look at how it handles communications around policy changes. Microsoft
WireGuard’s creator, Jason Donenfeld, said Microsoft’s suspension halted a Windows release in its tracks. Posting on Hacker News, Donenfeld described the move as coming with “no warning at all, no notification.” If a critical bug pops up, he said, Microsoft would leave his “hands entirely tied.” WireGuard is also the backbone for privacy services like Proton and Tailscale. Hacker News
On March 30, Idrassi posted on a forum that Microsoft had shut down the account he’d long used to sign both VeraCrypt’s bootloader—the essential code that runs before Windows starts—and Windows drivers. Later, he cautioned that anyone depending on full-system encryption might run into boot issues after July 2026, as Microsoft plans to revoke the certificate authority, breaking the digital trust chain for the current bootloader.
But the issue stretched beyond just those two projects. BleepingComputer flagged that Windscribe and MemTest86 were hit by similar suspensions. Windscribe, for its part, noted it had relied on a verified Microsoft account to sign drivers for over eight years, and said it spent “over a month” pushing to have the freeze reversed. BleepingComputer
Rufus creator Pete Batard posted on VeraCrypt’s forum describing how he’d hit “the exact same issue” with Secure Boot signing, but eventually got it resolved via Partner Center support. According to Batard, that “no appeals” line looked like generic language, and in his own case, Microsoft’s automated WHOIS domain check seemed to have tripped up. SourceForge
The immediate risk remains. Donenfeld said an appeal might drag on for 60 days. Idrassi described the prospect of not regaining signing access before the certificate change as a “death sentence” for VeraCrypt’s system-encryption on Windows. And even if accounts come back soon, this episode exposes just how much a single admin barrier can delay critical updates for software relied on to secure data and traffic. Hacker News
