Last year Microsoft issued a security advisory relating to a brand new vulnerability that impacts hardware-based encryption on SSDs. The vulnerability was first found by Carlo Meijer and Bernard von Gastel, who are Dutch security researchers from Radboud University, who published a paper titled “weaknesses in the encryption of solid-state drives.”
Microsoft was trusting SSDs claimed that they self-encrypted to be secure, however, that many of specific drives might be vulnerable to hardware hacks which exposed the content material of the drives to determined hackers.
Microsoft advised Windows 10 Admins switch to software encryption for affected drives. Now, with KB4516071 Microsoft switched to software encryption by default, also when the SSD declares to offer hardware encryption. Microsoft notes, Replaces the default setting for BitLocker while encrypting a self-encrypting hard drive. The default is to utilize software encryption for newly encrypted drives. For present drives, the kind of encryption won’t change.
Software encryption is, after all, slower and more processor-intensive, and users can still switch to hardware encryption if they trust the drive; however, the default should now be more secure for everybody concerned.