Microsoft has warned today that Windows devices with the newest supported processors are susceptible to "data damage" on Windows 11 and Windows Server 2022.
"Windows devices that support the newest Vector Advanced Encryption Standard (AES) (VAES) instruction set might be susceptible to data damage," the company revealed today.
Devices affected by this newly acknowledged known issue use AES-XTS (AES XEX-based tweaked-codebook mode with ciphertext stealing) or AES-GCM (AES with Galois/Counter Mode) block cipher modes on new hardware.
While Microsoft mentions the data loss risks on affected systems, the company does not elaborate on what customers should expect if they're hit by this issue.
Issue fixed in May and June Windows updates
Microsoft says the issue was addressed to prevent further data damage in preview and security releases issued on May 24 and June 14, respectively.
However, these Windows updates also come with a performance hit since AES-based operations might be two times (2x) slower after installing them on affected systems running Windows Server 2022 and Windows 11 (original release).
Scenarios impacted by the performance hit might include BitLocker, Transport Layer Security (TLS) (specifically load balancers), and disk throughput (especially for enterprise customers).
"We added new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES (vectorized AES) instructions," Microsoft said when describing the cause of the issue.
"SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors."
Workaround for the performance hit
Customers experiencing performance degradation are advised to install June 23 preview update (Windows 11, Windows Server 2022) or the July 12 security update (Windows 11, Windows Server 2022) for their OS version as a workaround.
Microsoft says these Windows updates will restore initial performance metrics once installed on affected devices.
"If this affects you, we strongly urge you to install the May 24, 2022 preview release or the June 14, 2022 security release, as soon as possible, to prevent further damage," Microsoft added.
"Performance will be restored after you install the June 23, 2022 preview release or the July 12, 2022 security release."
Comments
h_b_s - 1 year ago
"Data damage" the new marketing gloss over for "data loss" and "filesystem corruption". Don't be fooled. It's yet another case where Microsoft's bungled agile development practices have screwed the pooch. Their testing harnesses are entirely inadequate to support the massive legacy code bases they have to support in the time scales they need to release.
NoneRain - 1 year ago
Indeed.
GT500 - 1 year ago
So the only consumer level applications I could find in a quick search that seemed to possibly be able to make use of VAES were cryptocurrency mining apps. Granted that doesn't mean there weren't other more obscure uses, however this doesn't sound like it will impact the vast majority of home users. Enterprise use on the other hand, that could be significantly impacted depending on what sort of workloads actually use VAES.