Notebookcheck Logo

Windows 11 encryption standard discovered to damage data, fix affects CPU performance

As with most Windows vulnerability fixes, CPU performance is affected to a certain degree. (Image Source: Lansweeper.com)
As with most Windows vulnerability fixes, CPU performance is affected to a certain degree. (Image Source: Lansweeper.com)
Microsoft managed to issue a fix for the Windows 11 / Windows Server 2022 encryption vulnerability that makes use of the Vector Advanced Encryption Standard, but the patch is impacting CPU performance. Affected CPUs include Intel's 10th, 11th, 12th and 13th gen models, while AMD's affected models include Zen 3 and upcoming Zen 4 processors. Another fix that addresses the performance issues is expected to be available in a month.

Micorosft recently identified a data integrity vulnerability that impacts Windows 11 / Windows Server 2022 devices supporting the newest Vector Advanced Encryption Standard (AES) (VAES) instruction. Affected processors that could be susceptible to data damage include Intel’s Ice Lake, Tiger Lake, Ice Lake-SP and Sapphire Rapids-SP models, while AMD’s affected models include the Ryzen 5000, Ryzen 5000X3D, EPYC Milan, EPYC Milan-X and EPYC Genoa, plus the upcoming Zen 4 processors. Intel’s Alder Lake and upcoming Raptor Lake are partially affected as the platforms do not officially support VAES, but the feature can be enabled through custom BIOS firmware.

This issue is fixed with the May 24, 2022 preview release and the June 14, 2022 security release. However, these updates apparently slow down CPU performance by up to 2x in applications like Bitlocker and Transport Layer Security load balancers. Enterprise customers may also experience slower disk throughput. Performance issues should be fixed with the installation of the June 23, 2022 preview or the July 12, 2022 security release.

The data integrity vulnerability was caused by the addition of new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES instructions. SymCrypt is the core cryptographic library in Windows and it uses AVX instructions featured on the latest Intel and AMD processors, especially the server-grade ones.

 

Buy the Windows 11 Pro digital upgrade on Amazon

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
.170
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2022 08 > Windows 11 encryption standard discovered to damage data, fix affects CPU performance
Bogdan Solca, 2022-08-10 (Update: 2022-08-10)