Last 12 months Microsoft issued a safety advisory relating to a brand new vulnerability that impacts hardware-based encryption on SSDs. The vulnerability was first found by Dutch safety researchers Carlo Meijer and Bernard von Gastel from Radboud University who printed a paper titled “weaknesses in the encryption of solid state drives”.
It turned out Microsoft was trusting SSDs who claimed that they self-encrypted to be safe, however that many of those drives had been susceptible to {hardware} hacks which uncovered the content material of the drives to decided hackers.
Microsoft advised Windows 10 Admins swap to software program encryption for affected drives, and now, with KB4516071 Microsoft switched to software program encryption by default, even when the SSD claims to supply {hardware} encryption.
Microsoft notes:
“Changes the default setting for BitLocker when encrypting a self-encrypting hard drive. Now, the default is to use software encryption for newly encrypted drives. For existing drives, the type of encryption will not change.”
Software encryption is in fact slower and extra processor intensive, and customers can nonetheless swap to {hardware} encryption in the event that they belief the drive, however the default ought to now be safer for everybody involved.