yitit
Home
/
Hardware
/
Latest AMD & Intel CPUs Including Zen 4 & Raptor Lake With VAES Instructions Susceptible To Data Damage on Windows, Patch Rolling Out But Will Reduce Performance
Latest AMD & Intel CPUs Including Zen 4 & Raptor Lake With VAES Instructions Susceptible To Data Damage on Windows, Patch Rolling Out But Will Reduce Performance-November 2024
Nov 23, 2024 6:34 AM

Microsoft has revealed a new bug within Windows 11 & Windows Server 2022 operating systems that affects the latest Intel & AMD CPUs. The bug is related to the encryption on the said OS and processors outfitted with AES/VAES (Vector Advanced Encryption Standard) Instruction sets have been affected.

Microsoft Confirms New Encryption Bug Could Damage Data on Latest AMD & Intel CPUs With VAES Instructions, Patch To Reduce Performance

While AMD & Intel CPUs are the highlights, virtually any system that is running a PC with the following instructions is affected and susceptible to data damage:

AES XEX-based tweaked-codebook mode with ciphertext stealing (AES-XTS)

AES with Galois/Counter Mode (GCM) (AES-GCM)

As for the list of CPUs that are affected by this bug, those include Intel CPUs starting the 10th Gen Ice Lake and above, Ice Lake-SP Xeon Scalable processors for servers, and AMD CPUs starting the Zen 3 lineup plus the upcoming Zen 4 chips. For Zen 3, both the non-V-Cache and 3D V-cache parts are affected. Alder Lake & Raptor Lake CPUs don't officially support VAES but it can be enabled on some motherboards with custom BIOS firmware.

AMD CPUs Affected: Ryzen 5000, Ryzen 5000X3D, EPYC Milan, EPYC Milan-X, EPYC GenoaIntel CPUs Affected: Ice Lake, Tiger Lake, Alder Lake (Partial), Raptor Lake (Partial), Ice Lake-SP, Sapphire Rapids-SP

Symptoms

AES-based operations might be two times (2x) slower after installing the Windows update for the May 24, 2022 preview release or the June 14, 2022 security release.

The root cause of this bug happened when Microsoft added new code paths to Windows 11 and Windows Server 2022 versions of SymCrypt to take advantage of the VAES instructions offered by the latest CPUs. SymCrypt is the core cryptographic library in Windows. These instructions act on Advanced Vector Extensions (AVX) registers for hardware with the newest supported processors.

Windows 11 Systems

However, these code paths opened up a vulnerability that could lead to permanent data damage. Now there's already a resolution and workaround which is to install the June 23, 2022 preview of the aforementioned operating systems but it is reported by Microsoft that after applying the new update, PCs will notice slower performance (up to 2x slower) in applications such as:

BitLockerTransport Layer Security (TLS) (specifically load balancers)

Disk throughput, especially for enterprise customers

Microsoft states that users will have to wait for a month for a proper patch to be rolled out but till then, the only workaround to avoid data damage is to switch to lower performance on the older update.

Install the June 23, 2022 preview release for your OS; see below:

Windows 11 (original release) -KB5014668Windows Server 2022 -KB5014665

Or

Install the July 12, 2022 security release for your OS; see below:

Windows 11 (original release) -KB5015814

Windows Server 2022 -KB5015827

via Microsoft

News Source: WindowsReport

Comments
Welcome to yitit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
Hardware
Recent News
Copyright 2023-2024 - www.yitit.com All Rights Reserved