Users of Windows 11 or Windows Server 2022 with recent CPUs are at risk for data loss. Luckily, few users will be affected. The people who do need to worry are the ones who encrypt data regularly. To be at risk, users needed to have had one of the following hardware running: AES with Galois/Counter Mode, or AES XEX-based tweaked codebook mode. These programs are used in cryptography.
This was a problem first addressed by Microsoft in May, and has since been resolved by their team. If you are one of the people who could be affected, download one of the most recent updates of Windows 11 available, either from the from the June 23, 2022 preview release or the July 12, 2022 security release.
If you are a member of SpireTech’s VIPsupport, don’t worry. We already fixed this for you. Just one of the many perks of hiring out your IT needs to SpireTech: the problem is resolved before you even knew there was one.
Why are recent CPUs affected? The devices that could be affected need to be able to run the most recent version of Vector Advanced Encryption Standard (VAES, or more commonly AES).
The potential data loss comes running one of the following hardware:
- AES with Galois/Counter Mode (GCM or AES-GCM)
- AES XEX-based tweaked-codebook mode with ciphertext stealing (AES-XTS)
Windows first put out a fix for this bug in May. The most recent updates, June 23 or July 12, are better and should be downloaded even if you downloaded the May update. The May update fixed the problem of potential data loss, but users would experience slower, worse performance in the following programs:
- Transport Layer Security (TLS)
- Disk throughput
If this is you, don’t worry. Performance resumes after installing the June 23 or July 12 release.
How does a bug like this happen? Changes in the code for a system update react in a way that the programmers didn’t expect. A Windows 11 update was pushed to Microsoft users, and code path changes in SymCrypt, or Windows’ default cryptographic library, resulted in this data corruption.
If you’re a casual computer user, some of this article may have gone over your head. SpireTech provides excellent IT services for the greater Portland, OR area while still being able to relate and care for our clients. We believe in the person behind the keyboard! Contact us for a free consultation if you’re considering managed IT services for your small business.
If you’re not in the business of keeping your entire hard drive encrypted, you don’t need to worry about this flaw. If you do, you’re going to want to head to Microsoft’s newest releases ASAP.