Microsoft has issued a security alert on a problem in Windows 11 that might harm data if certain circumstances are met, such as when writing to BitLocker-encrypted discs. Unfortunately, Microsoft advises that the update may reduce performance for roughly a month after it is implemented.
AES-XTS (tweaked-codebook mode with ciphertext theft) and AES with Galois/Counter Mode (GCM) are the two impacted functions, and you’ve probably never heard of them (AES-GCM). In addition to Intel’s 10th and 11th-generation “Ice Lake” and “Rocket Lake” CPUs, AMD’s future Zen 4 chips, also known as the Ryzen 7000, are also affected by this issue.
One of the problems is that AES-XTS was introduced to Windows 10 expressly as the function underpinning BitLocker encryption, which means that both algorithms are utilised to encrypt data. An attacker would have no way to get access to your data unless they had the PIN, fingerprint, or face recognition features of Windows Hello installed on their PC. BitLocker works with your PC’s Trusted Platform Module (or TPM). Flash drives may be protected with this feature, as well.
It’s comforting to know that keeping your PC up-to-date may have prevented any data loss. There are a number of reasons why Microsoft’s security bulletin suggests that just the initial build of Windows 11 is vulnerable.
In addition, Microsoft advises that performance may be hindered for up to a month after the update is applied, which may be a problem. One-month term was picked by Microsoft, although they don’t explain why.) BitLocker, load balancing, and disc performance on corporate PCs are all impacted.
The end of the degraded-performance period should be around mid-July or so if you’ve done the math. Both bugs are unlikely to impact a PC that has been maintained up to date.
How can I tell whether BitLocker is in use on my computer?
BitLocker is only available in Windows 10 and Windows 11 Pro editions, according to earlier Microsoft statements. In Windows 11 Pro, BitLocker is turned on by default when you log in with your Microsoft account. On the other hand, even Windows 11 Home PCs can take use of Windows’ built-in “device encryption” feature. Device Encryption may or may not employ the AES-XTS feature, however this is unclear at this time.
To see whether your PC has BitLocker, just enter “Manage BitLocker” into the search box in the Start menu. To change BitLocker’s settings, you’ll need to open the Control Panel that comes with your PC. Don’t expect Windows to return the programme if you don’t. The BitLocker recovery key should be backed up. If you’re logged in to your Microsoft account, it will be saved in your online account settings.
If you don’t have BitLocker installed on your computer, you may still be able to use device encryption. In order to decrypt your device, go to the settings and choose Update & Security > Device Encryption from the list. Encryption may be enabled or disabled by a switch on your computer’s control panel.
Does my hard disc have harm to the data on it?
A user should be unconcerned if their hard disc or SSD hasn’t shown any signs of malfunction. Manually scanning your disc for faults is always an option if you’re worried.
Right-click on your PC’s SSD or hard disc in File Explorer to do this. Open a menu by clicking on the “Properties” section.