Jump to content
  • Windows devices with newest CPUs are susceptible to data damage


    Karlston

    • 3 comments
    • 721 views
    • 2 minutes
     Share


    • 3 comments
    • 721 views
    • 2 minutes

    Microsoft has warned today that Windows devices with the newest supported processors are susceptible to "data damage" on Windows 11 and Windows Server 2022.

     

    "Windows devices that support the newest Vector Advanced Encryption Standard (AES) (VAES) instruction set might be susceptible to data damage," the company revealed today.

     

    Devices affected by this newly acknowledged known issue use AES-XTS (AES XEX-based tweaked-codebook mode with ciphertext stealing) or AES-GCM (AES with Galois/Counter Mode) block cipher modes on new hardware.

     

    While Microsoft mentions the data loss risks on affected systems, the company does not elaborate on what customers should expect if they're hit by this issue.

    Issue fixed in May and June Windows updates

    Microsoft says the issue was addressed to prevent further data damage in preview and security releases issued on May 24 and June 14, respectively.

     

    However, these Windows updates also come with a performance hit since AES-based operations might be two times (2x) slower after installing them on affected systems running Windows Server 2022 and Windows 11 (original release).

     

    Scenarios impacted by the performance hit might include BitLocker, Transport Layer Security (TLS) (specifically load balancers), and disk throughput (especially for enterprise customers).

     

    "We added new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES (vectorized AES) instructions," Microsoft said when describing the cause of the issue.

     

    "SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors."

    Workaround for the performance hit

    Customers experiencing performance degradation are advised to install June 23 preview update (Windows 11Windows Server 2022) or the July 12 security update (Windows 11Windows Server 2022) for their OS version as a workaround.

     

    Microsoft says these Windows updates will restore initial performance metrics once installed on affected devices.

     

    "If this affects you, we strongly urge you to install the May 24, 2022 preview release or the June 14, 2022 security release, as soon as possible, to prevent further damage," Microsoft added.

     

    "Performance will be restored after you install the June 23, 2022 preview release or the July 12, 2022 security release."

     

     

    Windows devices with newest CPUs are susceptible to data damage


    User Feedback

    Recommended Comments

    57 minutes ago, Israeli_Eagle said:

    So the new CPUs or the buggy W11 are the reason??

    Yes, but it wasn’t the new CPUs. :)

     

    For W11, the bug was in the original release, then it was fixed by updates as described in the second last paragraph, but that fix also introduced a performance issue which was fixed by updates as described in the last paragraph.

    • Like 2
    Link to comment
    Share on other sites


    1 hour ago, Karlston said:

    Yes, but it wasn’t the new CPUs. :)

     

    For W11, the bug was in the original release, then it was fixed by updates as described in the second last paragraph, but that fix also introduced a performance issue which was fixed by updates as described in the last paragraph.

     

    I still think W11 is only Alpha level...
    Luckily I'm still on W10 have no problems with RDR2. :snack:

    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...