Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Bug Security Encryption Windows

Windows 11 Encryption Bug Could Cause Data Loss, Temporary Slowdowns On Newer PCs (arstechnica.com) 28

An anonymous reader quotes a report from Ars Technica: Microsoft has published a knowledge base article acknowledging a problem with encryption acceleration in the newest versions of Windows that could result in data corruption. The company recommends installing the June 2022 security updates for Windows 11 and Windows Server 2022 "to prevent further damage," though there are no suggested solutions for anyone who has already lost data because of the bug.

The problems only affect relatively recent PCs and servers that support Vector Advanced Encryption Standard (VAES) instructions for accelerating cryptographic operations. Microsoft says affected systems use AES-XTS or AES-GCM instructions "on new hardware." Part of the AVX-512 instruction set, VAES instructions are supported by Intel's Ice Lake, Tiger Lake, Rocket Lake, and Alder Lake architectures -- these power some 10th-generation Core CPUs for laptops, as well as all 11th- and 12th-gen Core CPUs. AMD's upcoming Zen 4 architecture also supports VAES, though by the time these chips are released in the fall, the patches will have had plenty of time to proliferate. Microsoft says that the problem was caused when it added "new code paths" to support the updated encryption instructions in SymCrypt, Windows' cryptographic function library. These code paths were added in the initial release of Windows 11 and Windows Server 2022, so the problem shouldn't affect older versions like Windows 10 or Windows Server 2019.

The initial fix for the problem, provided in Windows' June 2022 security update package (Windows 11 build 22000.778), will prevent further damage at the cost of reduced performance, suggesting that the initial fix was to disable encryption acceleration on these processors entirely. Using Bitlocker-encrypted disks or the Transport Layer Security (TLS) protocol or accessing encrypted storage on servers will all be slower with the first patch installed, though installing the July 2022 security updates (Windows 11 build 22000.795) should restore performance to its previous level.

This discussion has been archived. No new comments can be posted.

Windows 11 Encryption Bug Could Cause Data Loss, Temporary Slowdowns On Newer PCs

Comments Filter:
  • by Anonymous Coward
    The old adage has always been "wait for the .1 release." What do you mean there's not going to be a Windows 11.1?
  • by JoeyRox ( 2711699 ) on Tuesday August 09, 2022 @06:02PM (#62776152)
    It's not like Microsoft is in the data integrity business anyway.
  • by znrt ( 2424692 ) on Tuesday August 09, 2022 @06:19PM (#62776184)

    ... happily w11-free!

  • No surprise, Win11 is (again) an attempt by Microsoft to find out how cheaply and crappily they can make things before customers complain.

    • How do you know it's crappy? I'm just waiting for the post telling you how many BTC you need to send to Redmond to get your encrypted data back. It works for Conti and LockBit, why shouldn't Microsoft copy their business model?
      • How do you know it's crappy?

        Because they have finished their long research into trusted computing, locking down the internet, and changing how exe's work from now on to kill piracy, piracy over the next 20 years will slowly begin to disappear because they are changing how CPU's process assembly instructions.

        For the first 40 year sof general computing from 1960 to 2000 roughly, we got "general cpu's" aka we had root and plaintext compiled c++ binaries (aka honestly compiled exe's). That's what made PC games trivial to crack from the 8

  • New NSA paths? (Score:2, Insightful)

    by AcidFnTonic ( 791034 )

    Sounds like NSA code paths added for backdooring things and they borked it.

    OR the hardware encryption is too hard to break so this intentional bug is here to dissuade usage.

    Which is it?

    • I'd go with Hanlon's razor here. It's pretty easy to mess up when dealing with encryption, and they probably did exactly that here.
      • The trick with doing stuff in parallel is putting it back together across threads both correctly and quickly.

        When your test file is all zeroes it makes it even harder.

    • Considering that Microsoft stores your Bitlocker key on their cloud servers, there's not much reason for them to backdoor the algorithm.

    • by kmoser ( 1469707 )
      We must commend Microsoft for creating one-way encryption that, with any luck, will never be hacked.
    • so this intentional bug is here to dissuade usage.

      Is that why they fixed it? Man I wish for the days of old Slashdot where conspiracy theories actually made sense rather than the senseless drivel we read these days.

      "I'm only here for the comments" used to reflect the quality of the stories. Pretty soon we'll only come for the summaries.

  • It's interesting, Microsoft made another Windows 8--err ME.
  • If I wanted Mac OS, I'd buy a mac. I got a mac for work and it's amazing (battery life!). Windows on the other hand has killed off everything I liked about it, first of they totally messed up the UI, they closed off a lot of the OS (do they even listen to customers?). I don't want everything funneled through the store, if I did I would buy a Mac. They have way to much involvement with TPM, (and again microsoft, if I wanted a locked down computer I would buy a Mac). So quit trying to be apple, microsoft, li
    • I've been using Windows since Windows 2, and I have almost never used the store. I think I've installed 1 thing from the store, and that was a distro for WSL, and that's it. 99.9% of the stuff funneled through the store is stuff experienced people don't actually have any use for.

      But yeah, they need to stop trying to copy Apple. Microsoft used to do things. Now all they do is copy everyone else.

  • was this the same standard that was shown to be backdoored? or is it a variant of?

  • According to this :

    https://support.microsoft.com/... [microsoft.com]
    "
    After applying those updates, you might notice slower performance for almost one month after you install them on Windows Server 2022 and Windows 11 (original release).
    "
    So it speeds up after a month?

Ocean: A body of water occupying about two-thirds of a world made for man -- who has no gills. -- Ambrose Bierce

Working...