Windows 11-ready CPUs with VAES are susceptible to data damage

by Alexandru Poloboc
Alexandru Poloboc
Alexandru Poloboc
News Editor
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor,... read more
Affiliate Disclosure
  • You might have thought that Windows 11 is totally fine, but new issues emerge every day.
  • Microsoft just acknowledged issues with the supported CPUs which come with VAES.
  • The Redmond company also provided a temporary workaround while this is getting fixed.
cpu

Windows 11 has seen a much larger crowd embracing it since it first came out, even though people were reluctant to make the switch at first.

Even though your average user still prefers to use Windows 10 on a daily basis, Microsoft has made huge efforts to transform Windows 11 into the stable experience that it is today.

When the latest operating system was first announced last summer, there was a lot of frustration among users due to the strict system requirements for running it.

Back then, only modern processors from AMD and Intel were supported because they were said to have enhanced security support compared to previous generation CPUs.

We are, of course talking about Intel 7th Gen Kaby Lake and AMD Zen (Ryzen 1000) or older processors, just so there is no confusion.

However, even though the Windows 11 operating system is a lot more reliable now, that doesn’t mean that it is 100% problem free, as you are about to see in a moment.

Microsoft acknowledges VAES CPU issues through KB5017259

All that being said, the Redmond tech giant has found that there are issues with the supported CPUs which come with Vectorized AES (VAES) instruction.

Microsoft stated that such Windows 11 and Windows Server devices are susceptible to data damage as the Advanced Encryption Standard (AES) instruction is meant to accelerate data encryption and any bugs in this are bound to adversely impact device data.

Windows devices that support the newest Vector Advanced Encryption Standard (AES) (VAES) instruction set might be susceptible to data damage. 

The affected Windows devices mentioned in the Microsoft statement actually use one of the following on new hardware:

  • AES XEX-based tweaked-codebook mode with ciphertext stealing (AES-XTS)
  • AES with Galois/Counter Mode (GCM) (AES-GCM)

Under symptoms, Microsoft stated that AES-based operations might be two times slower after installing the Windows update for the May 24, 2022 preview release or the June 14, 2022 security release.

Apparently, this is happening because the tech giant added new code paths to the Windows 11 (original release) and Windows Server 2022 versions of SymCrypt to take advantage of VAES (vectorized AES) instructions.

Some of you might already know that SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors.

There is some good news here, which is that Microsoft has resolved the issue via previous Windows Updates KB5014746 and KB5014019.

Affected users are therefore expected to have a performance impact on BitLocker, TLS, and also disk throughput upon installing the workaround updates.

Microsoft has not yet provided an official list of CPUs that are affected, but from what we can tell, Intel CPUs starting from the 10th Gen Ice Lake 10nm mobile chips are affected.

These were actually the first CPUs that introduced the VAES instructions for the first time with their new Sunny Cove design.

How can I fix this problem?

Install the June 23, 2022 preview release for your OS:

The other option provided by the Redmond-based tech giant is written bellow, and it is an alternative to the one above.

Install the July 12, 2022 security release for your OS:

Some of you might remember that this isn’t even the first time that users have faced performance issues with supported Windows 11 processors.

Last year, it was revealed that Virtualization-based Security (VBS) was causing a crippling impact in games even on supported chips.

We’ll see what the future holds for us but just remember that Windows 11 is still a young OS and many things can still go wrong with it.

Have you also experienced problems such as the ones described in this article since installing Windows 11? Share your experience with us in the comments section below.

This article covers:Topics: