Microsoft warns that Windows 11 and Windows Server 2022 devices with new CPUs are at risk of data loss. The problem originates from deviating SymCrypt code paths. Updates were released, but the patches may affect performance.

Microsoft warns that Windows devices with modern CPUs may be susceptible to data damage. The problem mainly affects devices that support the latest Vector Advanced Encryption Standard (VAES) instruction set. Microsoft specifically mentions support for the AES XEX-based tweaked-codebook mode with ciphertext stealing (AES-XTS) and AES with Galois/Counter Mode (AES-GCM) block cipher modes.

SymCrypt code paths

The odds and scale of data damage weren’t disclosed. Users have no way of knowing exactly how to respond to the problem if it occurs. The cause, however, is known. According to Microsoft, the problem originates from the addition of new code paths for SymCrypt in the original release of Windows 11 and the various versions of Windows Server 2022.

The code paths are meant to take advantage of VAES instructions. SymCrypt is the default cryptographic library in Windows. VAES instructions operate on Advanced Vector Extensions (AVX) registers on hardware with the latest CPUs.
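To see whether a given x86 machine exposes VAES in a form the operating system can use, the CPUID feature bits and the XCR0 register can be read directly. The following is an added example, not code from Microsoft or SymCrypt; the names `classify_vaes` and `probe_vaes` are hypothetical, and it assumes a GCC or Clang toolchain. It reports hardware capability only and says nothing about which Windows updates are installed.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

enum vaes_level { VAES_NONE = 0, VAES_AVX256 = 1, VAES_AVX512 = 2 };

/* Classify VAES usability from raw register values.
 * leaf1_ecx = CPUID.1:ECX, leaf7_ebx/leaf7_ecx = CPUID.(EAX=7,ECX=0):EBX/ECX,
 * xcr0 = XGETBV(0), the vector state the OS has agreed to save. */
enum vaes_level classify_vaes(uint32_t leaf1_ecx, uint32_t leaf7_ebx,
                              uint32_t leaf7_ecx, uint64_t xcr0)
{
    int osxsave = (leaf1_ecx >> 27) & 1;   /* OS uses XSAVE/XGETBV */
    int avx     = (leaf1_ecx >> 28) & 1;   /* AVX (VEX encoding) */
    int vaes    = (leaf7_ecx >> 9) & 1;    /* Vector AES */
    int avx512f = (leaf7_ebx >> 16) & 1;   /* AVX-512 Foundation */

    if (!vaes || !osxsave || !avx) return VAES_NONE;
    if ((xcr0 & 0x06) != 0x06) return VAES_NONE;  /* XMM+YMM state not enabled */
    if (avx512f && (xcr0 & 0xE0) == 0xE0)         /* opmask+ZMM state enabled */
        return VAES_AVX512;
    return VAES_AVX256;
}

/* Read the registers on the current machine and classify them. */
enum vaes_level probe_vaes(void)
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned a, b, c, d, b7, c7, lo, hi;
    if (!__get_cpuid(1, &a, &b, &c, &d)) return VAES_NONE;
    if (!__get_cpuid_count(7, 0, &a, &b7, &c7, &d)) return VAES_NONE;
    if (!((c >> 27) & 1)) return VAES_NONE;  /* XGETBV faults without OSXSAVE */
    __asm__ volatile("xgetbv" : "=a"(lo), "=d"(hi) : "c"(0));
    return classify_vaes(c, b7, c7, ((uint64_t)hi << 32) | lo);
#else
    return VAES_NONE;                        /* not an x86 CPU */
#endif
}

int main(void)
{
    static const char *names[] = { "no usable VAES", "VAES on 256-bit AVX", "VAES on AVX-512" };
    printf("%s\n", names[probe_vaes()]);
    return 0;
}
```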

Update brings performance issues

Microsoft addressed the issue in the May 24 and June 14 security releases for Windows 11 and Windows Server 2022. The tech giant warns that the updates could lower the performance of devices. AES-based workloads run up to two times slower after the update’s installation. Affected components include BitLocker, Transport Layer Security (TLS) load balancers and disk throughput.

Workaround available

Microsoft developed a workaround for performance drops caused by the updates. According to the tech giant, performance can be increased by installing the June 23 preview update or July 12 security update for Windows 11 and/or Windows Server 2022. Performance should return to normal after installation.

