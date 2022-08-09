

Microsoft has found a problem in Windows 11 and Windows Server 2022 that can lead to data corruption on processors supporting an instruction set introduced in modern CPUs: Vector Advanced Encryption Standard (VAES). The company has not published an official list of processors that can trigger the bug, but it could be extensive.

The Redmond giant has explained that “Windows devices that support the latest Vector Advanced Encryption Standard (AES) (VAES) instruction set may be susceptible to data corruption”. Devices affected by the bug use one of two encryption modes: AES-XTS or AES-GCM.

Microsoft, by its own account, has been aware of the problem for some time: to avoid data corruption, it published a patch as a preview on May 24, 2022 and as a stable release on June 14, 2022. However, it was not all good news initially, as the update could lead to performance loss after a month had passed since it was applied on Windows 11 and Windows Server 2022. The performance loss or degradation could be felt in BitLocker, TLS (specifically on load balancers), and disk performance itself, primarily for enterprise customers.

The data corruption was resolved, but the performance loss remained. The company immediately got to work on another patch, intended for release as a preview on June 23, 2022 and as stable on July 12, 2022, so by now, if Microsoft has met its schedule, the issue should be resolved.

The patches to definitively solve the problem with the use of encryption have been distributed through the following updates:

Pre-release (preview release): KB5014668 on Windows 11 and KB5014665 on Windows Server 2022.

Security Release: KB5015814 on Windows 11 and KB5015827 on Windows Server 2022.

Returning to VAES, which is ultimately the source of the bug that concerns us in this post, the first generation of Intel processors to support the instruction set was Ice Lake. On AMD's side, at a minimum, Zen 3-based Ryzen 5000 processors support it and can therefore trigger the bug discovered in the latest generation of Windows operating systems.
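Since no official processor list exists, whether a given machine falls in the VAES-capable class can be read from the CPU's own feature flags. The following is an added example, not code from Microsoft or from the original article; it assumes GCC or Clang on x86 (`<cpuid.h>`), and the struct and function names are illustrative.

```c
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>              /* GCC/Clang helpers for the CPUID instruction */
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0
#endif

/* Architectural feature bits as documented in the Intel and AMD manuals. */
#define LEAF1_ECX_AESNI      (1u << 25)  /* CPUID.01H:ECX[25]       */
#define LEAF7_ECX_VAES       (1u << 9)   /* CPUID.(07H,0):ECX[9]    */
#define LEAF7_ECX_VPCLMULQDQ (1u << 10)  /* CPUID.(07H,0):ECX[10]   */

struct aes_features { int aesni, vaes, vpclmulqdq; };

/* Pure decoder, so the bit logic can be checked against constructed values. */
struct aes_features decode_aes_features(unsigned leaf1_ecx, unsigned leaf7_ecx)
{
    struct aes_features f;
    f.aesni      = (leaf1_ecx & LEAF1_ECX_AESNI) != 0;
    f.vaes       = (leaf7_ecx & LEAF7_ECX_VAES) != 0;
    f.vpclmulqdq = (leaf7_ecx & LEAF7_ECX_VPCLMULQDQ) != 0;
    return f;
}

/* Returns 1 when CPUID was read, 0 when it is unavailable (non-x86 build or
   leaf 1 unsupported). A CPU without leaf 7 is reported as having no VAES. */
int query_aes_features(struct aes_features *out)
{
    unsigned a = 0, b = 0, c1 = 0, c7 = 0, d = 0;
    *out = decode_aes_features(0, 0);
#if HAVE_CPUID
    if (!__get_cpuid(1, &a, &b, &c1, &d)) return 0;
    if (!__get_cpuid_count(7, 0, &a, &b, &c7, &d)) c7 = 0;
    *out = decode_aes_features(c1, c7);
    return 1;
#else
    return 0;
#endif
}

int main(void)
{
    struct aes_features f;
    if (!query_aes_features(&f)) { puts("CPUID unavailable"); return 2; }
    printf("AES-NI=%d VAES=%d VPCLMULQDQ=%d\n", f.aesni, f.vaes, f.vpclmulqdq);
    puts(f.vaes ? "VAES advertised: verify the updates listed above are installed"
                : "VAES not advertised by this CPU");
    return 0;
}
```

A positive result only places the hardware in scope; whether the machine is fixed depends on the installed updates named in the article.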

And so ends, for now, another episode in the run of problems that has become habitual since the release of Windows 10. Although no operating system is perfect, the pattern with Microsoft's product is beginning to annoy some users.