Microsoft has warned that some users may be affected by an issue related to its encryption features in combination with CPUs with Vector Advanced Encryption Standard (VAES) instructions. The issue can lead to ‘data damage’. The issue affects Windows 11 and Windows Server 2022.
According to a post on Microsoft’s website (opens in new tab), the services that may be impacted include Bitlocker, which is Microsoft’s full volume encryption feature. It uses the AES instruction sets supported by modern CPUs, specifically the AES XEX-based tweaked-codebook mode with ciphertext stealing (AES-XTS) and AES with Galois/Counter Mode (GCM) (AES-GCM).
The list of CPUs that are affected has not been revealed, however, Intel 10th Gen and newer, and AMD Ryzen 5000 and newer CPUs are believed to be affected. It’s believed that the issue is a result of Windows code, and not a hardware issue.
Bleeping Computer (opens in new tab) reports that Microsoft has been aware of the issue for some time, releasing preview and security releases in May and June. These interim patches caused a performance hit, but there is good news. According to Microsoft support, “performance will be restored after you install the June 23, 2022 preview release or the July 12, 2022 security release”. So, if you are using Bitlocker or other Microsoft disk encryption, you should update your Windows right now if you haven’t already.
The cause of the issue is described as follows: “We added new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES (vectorized AES) instructions. SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors.”
The launch of Windows 11 has been a success for the most part. But like any widely installed operating system with an essentially infinite number of hardware and software combinations, issues will always rear their heads. Problems with updating won’t go away (opens in new tab), and Windows Defender is known to affect Intel CPU performance (opens in new tab).
There’s always Linux. It’s getting more game friendly all the time, led by the success of the Steam Deck (opens in new tab).