Advanced CPU security techniques are meant to prevent various malware attacks, but sometimes they harm legit benevolent programs. This is what happened to Intel-developed control-flow enforcement technology (CET) that prevented users from launching applications from Microsoft Store on some Windows 10-based systems. To resolve the issue, users need to install the new KB5015020 Windows 10 hotfix.
Intel’s CET capability supported by the company’s chips starting from 11th Generation Core ‘Tiger Lake’ CPUs and some of AMD’s recent processors was designed to protect against the misuse of legitimate code through control-flow hijacking attacks. The technique has to be supported by software and app developers can use two methods to defend against control-flow hijacking attacks: indirect branch tracking (to defend against jump/call-oriented programming attacks) and shadow stack (to protect against return-oriented programming (ROP) attack).
Apparently, after installing one of the recent Windows 10 updates, the OS starts to engage CET capability against legit applications obtained from Microsoft’s own store.
“After installing KB5011831 or later updates, you might receive an error code: 0xC002001B when attempting to install from the Microsoft Store,” a description of the new hotfix by Microsoft reads. “Some Microsoft Store apps might also fail to open. Affected Windows devices use a processor (CPU) which supports Control-flow Enforcement Technology (CET), such as such as 11th Gen and later Intel Core processors or later and certain AMD processors.”