VeraCrypt can be used as an encryption system under Windows, Linux and macOS. And there are several changes to the encryption software VeraCrypt with the new update to version 1.26.18 including several improvements in this version. For example, support for AES hardware on ARM64 platforms (e.g. Windows ARM64, macOS on Apple Silicon Mx) has been added.

Furthermore, support for SHA-256 x86 intrinsic has been added to improve the performance of PBKDF2-HMAC-SHA256. 32-bit support on Windows has now been discontinued. The minimum version requirement is now Windows 10 1809 (October 2018 Update). All changes can be found in the Release Notes:

Changes in Windows

• Reduced the occurrence of driver deadlocks in low-memory scenarios caused by reentrant IRP completions.
• Fixed EFI detection failure on some PCs where the BootOrder variable is not defined
• Fixed "Access denied" error when updating VeraCrypt via EXE setup after a Windows upgrade.
• Fixed various issues affecting the EFI System Encryption Configuration Editor.
• Fixed a bug in Traveler Disk creation
• Replaced the deprecated CryptGenRandom with BCryptGenRandom to generate secure random bytes.
• Used a modern API to collect system entropy for random generation instead of the deprecated one.
• Updated LZMA SDK to version 24.09 and libzip to version 1.11.2

Changes in Linux

• CVE-2024-54187: Added absolute paths when running system binaries to prevent path hijacking
• CVE-2025-23021: Prevent volumes from being mounted in system directories and PATH
• Fixed an assertion issue with the wxWidgets library included with Ubuntu.
• Improved directory opening logic by prioritizing xdg-open and adding fallback mechanisms.
• It is now ensured that the volume exists before starting the mount operation.
• Fix "Password too long" error message not being extended to the maximum length
• Simplify sudo session detection logic.

Changes in macOS

• CVE-2024-54187: Added absolute paths when running system binaries to prevent path hijacking
• CVE-2025-23021: Prevent volumes from being mounted to system directories and PATH
• Disables screen capture by default. Added --allow-screencapture CLI switch to enable it if needed.
• Now ensures that the volume exists before starting the mount operation.
• Built-in sudo session detection logic

Find all downloads here.