HomeWinBuzzer NewsMicrosoft Embraces Software Encryption by Default Following SSD Issues

Microsoft Embraces Software Encryption by Default Following SSD Issues

Microsoft says software encryption is now default after it became clear hardware encryption on SSDs could not be trusted.

-

Last November, sent out a security advisory to users to warn of a vulnerability that targets hardware-based encryption on solid-state drives (SSDs). In response to this problem, Microsoft has now supported software encryption instead of hardware encryption.

Dutch security researchers Bernard von Gastel and Carlo Meijer from Radboud University discovered the flaw and described it in a research paper.

Titles “Weaknesses in the encryption of solid state drives,” the paper shows how hackers could access the drive and transfer data without needing password authentication. While this is clearly a major problem, it is somewhat self-mitigated. That's because the attacker would need physical access to the drive to be able to exploit the vulnerability.

Microsoft says it was trusting SSD manufacturers that their hardware was self-encrypted and secure. However, many SSDs were vulnerable to attacks if content of the drives were exposed.

Software Encryption

At the time, Microsoft suggested users to switch to software encryption for affected SSDs. The company is now updating this stance. With KB4516071, the company says it will switch to software encryption by default.

“Changes the default setting for BitLocker when encrypting a self-encrypting hard drive. Now, the default is to use software encryption for newly encrypted drives. For existing drives, the type of encryption will not change.”

It is worth remembering software encryption is more intensive on processor performance. That said, users can still opt to use hardware encryption if the SSD is trusted. Admins who want hardware encryption will now need to select it manually.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News