CPUs that support the latest VAES instruction set may corrupt Windows 11 PC data | iThome

Microsoft’s announcement this week, If the Windows 11 PC uses a CPU that supports the latest Vector Advanced Encryption Standard (VAES) instruction set, data corruption may occur. The price of the patch is a reduction in PC performance. Fortunately, Microsoft has released another Windows update to solve the slow performance.

Microsoft pointed out that if the CPU of Windows 11 PC or Windows Server 2022 supports AES-XTS (AES XEX-based tweaked-codebook mode with ciphertext stealing) or AES-GCM (AES with Galois/Counter Mode) one of the instruction sets, then The machine will be affected.

In fact, almost all the latest Windows machines with new Intel CPUs are affected. VAES is part of the Intel VAX512 instruction set. Some modern CPUs, including Intel Ice Lake, Tiger Lake, Rocket Lake, and Alder Lake, as well as AMD’s upcoming Zen 4 architecture, also support VAES instructions.

In fact, Microsoft has added patches to the Windows 11 update preview released on May 24 this year, and the June 14 security update to avoid “further corruption” of data. But it comes at a price: Microsoft says users will notice slower performance in some cases nearly a month after installation. There are three cases: including the use of BitLocker, TLS (especially when load balancing is enabled), and disk transfer, the latter especially seen by enterprise users. In the above scenario the AES operation becomes 2x slower, which means the performance is halved.

Microsoft explained that this is because, in order to make good use of VAES instructions, Microsoft has added a new code path to the SymCypt component of Windows 11 (original version) and Windows Server 2022 version. SymCrypt is a Windows cryptography library. Fortunately, Microsoft said that performance will resume after installing the June 23 preview version of the Windows 11 update, or the July 12 security update.

However, while the latest update mitigates the performance drop, previously corrupted data cannot be restored.

Since Microsoft’s updates are all on Windows 11 or Server 2022, users of Windows 10 or Windows Server 2019 systems should not need to worry about this problem.

This is the latest bug related to the Intel VAX 512 instruction set. The latest version released in JuneOpenSSL version 3.0.4 appears with memory corruption bug related to Intel AVX512 instruction set, to prevent hackers from forcing installed users to remove it. Soon after, the maintenance unit released OpenSSL version 3.0.5 to solve this problem.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss any important news. Subscribe to our newsletter.