Microsoft BitLocker Security Will Not Rely on SSD Hardware Encryption Following Update

The change follows a report that SSD manufacturers were not implementing hardware encryption adequately.

Advertisement
By Jamshed Avari | Updated: 1 October 2019 11:07 IST
Highlights
  • Research has shown that some SSDs have flawed hardware encryption
  • BitLocker will no longer rely on SSDs to implement their own encryption
  • Existing BitLocker volumes are not affected and will not be changed
Microsoft BitLocker Security Will Not Rely on SSD Hardware Encryption Following Update

According to release notes Microsoft has published for the incremental KB4516071 update for Windows 10, the company will no longer use the hardware encryption capabilities built into some SSDs when the BitLocker security framework is enabled. Instead, Windows will apply its own software encryption. The change has been attributed by security experts to reports that major SSD manufacturers have not been taking adequate security measures with their implementations of encryption, resulting in potentially easy ways to bypass the security protections that users might take for granted. Microsoft is effectively taking control of the process, rather than trusting SSD manufacturers. The change will not affect existing BitLocker volumes.

As pointed out by the popular Twitter account SwiftOnSecurity, the change comes almost a year after a research report published by Radboud University in the Netherlands revealed that some implementations of hardware encryption on an SSD can be defeated by simply using a manufacturer's master password, or by intercepting the DEK (Disk Encryption Key) which itself is not cryptographically encoded. These processes can be used by an attacker to defeat an SSD's own security without needing to know the user's own encryption key.     

The research report identified several popular consumer SSD models sold by Crucial and Samsung. The findings applied to internal as well as external SSDs, and the researchers stated that many more drives might be affected. Both companies have since released security patches that are said to address this issue.

As reported by ZDNet at the time, the research report specifically noted that Windows BitLocker users were at risk because Microsoft by default allows SSDs to handle their own encryption. The company now seems to have changed its mind, and is taking control of the process, at least for newly created volumes. 

Advertisement

Modern PCs can take advantage of specific instructions on newer CPUs that are designed to accelerate software encryption without creating significant overhead in terms of CPU workload. SSDs can be encrypted and decrypted on the fly, for most kinds of applications, negating the advantages of native hardware encryption.

Users (or IT administrators) who wish to switch from hardware to software encryption will first have to decrypt their drives entirely and then re-encrypt them. As always, there will still be the ability to rely on hardware encryption, which users can take advantage of if they are certain that their SSDs are secure. 

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Microsoft, Windows, Windows 10, BitLocker
Advertisement

Related Stories

Popular Mobile Brands
  1. Microsoft Wants Websites to Have an AI-Powered Natural Language Interface
  2. iQOO Neo 10 Pro+ With Snapdragon 8 Elite, 6,800mAh Battery Launched
  3. Google's New Beam Video Communication Platform Can Turn 2D Video Into 3D
  4. Nothing Phone 3 Confirmed to Launch Globally in July
  5. Realme 14T 5G First Impressions
  6. Gemini 2.5 Series Gets Improved Capabilities and a Deep Think Mode
  7. Retro OTT Release Reportedly Revealed: When and Where to Watch it Online?
  8. Amazon's Drones Will Now Deliver Apple Products and More to Your Doorstep
  9. Google I/O 2025 Highlights: Everything Google Announced at Google I/O
  1. Google I/O 2025: Everything Announced From Gemini 2.5, AI Mode to Project Astra
  2. Asus ExpertBook P3 Series With AMD Ryzen AI 7 350 Processor Launched at Computex 2025
  3. Tesla on Track to Launch Robotaxi Trial in Austin, Texas, by June End, Musk Says
  4. Stellar Blade Sequel Confirmed by Shift Up, Launch Planned Before 2027
  5. Epic Games' Fortnite Returns to Apple App Store in US After Nearly Five Years
  6. Amazon's Drones Can Now Deliver New Categories of Devices Like iPhone, AirPods and More
  7. Infinix GT 30 Pro Leaked Images Suggest RGB Lighting, Colour Options Ahead of Global Debut
  8. Bitcoin Surges Past $107,000 for First Time Since January as Altcoins Rally
  9. Inheritance OTT Release Date: When and Where to Watch Spy Thriller Movie Online?
  10. America's Sweethearts: Dallas Cowboys Cheerleaders Season 2 OTT Release Date Announced
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.