2 min

Last June, security researchers discovered that it was quite easy to bypass SSD hardware encryption. This required a maximum of one hundred euros in tools to reset the SSD drive’s firmware. Microsoft now seems to have solved that problem.

The problem found only affected the hardware encryption of data. Software encryption was therefore not affected by the problem. When the problem was found, Microsoft advised users to switch to software encryption in order to better protect their data. It seems that from Windows 10 19H1 onwards, Microsoft will take matters into its own hands and switch to software-based encryption by default.

Standard changed

Tero Alhonen reports that on Twitter. Alhonen looked at Bitlocker, which according to the researchers was found to be exceptionally vulnerable by the encryption method in June. According to Alhonen, the default settings will be different later on.

The vulnerability was discovered by two Dutch researchers, Carlo Meijer and Bernard van Gastel of the Radboud University. They wrote a paper (here the PDF) about the weaknesses in encryption of SSDs. Because of the vulnerability, hackers could, according to them, gain access to the drive and transfer data quite easily, without the need for passwords.

It is quite easy for admins to find out which encryption method a SSD currently uses.

  1. Open the start menu of Windows 10, and search for cmd.exe. Click on the search result and select the option to run the program as admin.
  2. Confirm this in the message that appears.
  3. Then enter the following: manage-bde.exe status.
  4. Check what it says under the heading Encryption Method.

If there is no reference to hardware encryption there, nothing is wrong and the drive uses software encryption by default. If that is the case and you want to secure your system better, you will have to encrypt the drive again. Microsoft writes in its Advisory how to do this.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.