New Security Tool for Encrypting File System

Microsoft has developed an improved version of the cipher.exe tool, offering an important new option—the ability to permanently overwrite all of the deleted data on a hard drive. This improves security by ensuring that even an attacker who gained complete physical control of a Windows 2000 machine would be unable to recover previously deleted data.

The rationale for the tool is discussed in detail in a FAQ, and detailed operating instructions are provided in a Knowledge Base article. However, several important caveats should be noted:

  • It is essential that the tool be installed using the installer package, rather than simply copying the new version of cipher.exe to the system. The tool relies on additional NTFS functionality that is added as part of the installation process. If you simply copy cipher.exe to a machine and run it, you could destroy data on the drive.

  • All applications should be closed before running the tool.

  • The tool is not a cure-all that makes it safe to store sensitive data in plaintext. The tool enables sensitive data to be removed from the drive; however, if best practices are followed, such data will not be created on the drive to begin with.

Microsoft thanks Clem Colman of Colman Communications Consulting Pty Ltd ( for suggesting the development of this tool.

icodownl  Download the Tool here.