Windows ships with a full volume encryption tool called BitLocker. The feature used to trust any SSD that claimed to offer its own hardware-based encryption, but that changed in
the KB4516071 update to Windows 10 released on September 24, which now assumes that connected SSDs don't actually encrypt anything.
"SwiftOnSecurity"
called attention to this change on September 26. The pseudonymous Twitter user then reminded everyone of
a November 2018 report that revealed security flaws, such as the use of master passwords set by manufacturers, of self-encrypting drives. That meant people who purchased SSDs that were supposed to help keep their data secure might as well have purchased a drive that didn't handle its own encryption instead.
Those people were actually worse off than anticipated because Microsoft set up BitLocker to leave these self-encrypting drives to their own devices. This was supposed to help with performance--the drives could use their own hardware to encrypt their contents rather than using the CPU--without compromising the drive's security. Now it seems the company will no longer trust SSD manufacturers to keep their customers safe by themselves.[/url]
Up until the September 24 security update, whenever you installed a new SSD on a Bitlocker-protected system, Bitlocker would first check to see whether it was a self-encypting drive. If it was, Bitlocker would not encrypt it - the logical presumption being that if you know you have Bitlocker but decided to buy a self-encypting drive rather than a normal one, it's because you want to - well, use the drive's self-encryption feature rather than Bitlocker. Now that these drives have shown to not be very good at protecting themselves, Bitlocker will now encrypt ALL newly-installed drives, unless you specifically tell it not to encrypt a certain drive.