Microsoft has announced the launch of a security processor designed to provide stronger hardware and software integration for Windows PCs to remove entire vectors of attack.
The processor is named Pluton and was built in collaboration with AMD, Intel and Qualcomm. Microsoft claimed it will improve the ability to guard against physical and/or hardware attacks that target identity and encryption keys to steal sensitive information, to monitor firmware and verify the integrity of the system, and to streamline firmware updates through the cloud (via Windows Update).
This “chip-to-cloud” security technology was pioneered in Xbox and Azure Sphere. Microsoft said its vision for the future of Windows PCs is security at the core, built into the CPU, with hardware and software tightly integrated in a way that ultimately removes entire vectors of attack.
Windows PCs using the Pluton architecture will first emulate a Trusted Platform Module (TPM), which works with the existing TPM specifications and APIs, allowing customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard.
The processor will protect credentials, user identities, encryption keys and personal data by storing sensitive data securely within the Pluton processor, which is isolated from the rest of the system.
Pluton also provides the unique Secure Hardware Cryptography Key (SHACK) technology that helps ensure keys are never exposed outside of the protected hardware, even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers.
Also, Pluton will provide a flexible, updateable platform for running firmware that implements end-to-end security functionality that is authored, maintained and updated by Microsoft. Pluton for Windows computers will be integrated with the Windows Update process in the same way that the Azure Sphere Security Service connects to IoT devices.
David Weston, director of enterprise and OS security at Microsoft, said: “We believe that processors with built-in security like Pluton are the future of computing hardware. With Pluton, our vision is to provide a more secure foundation for the intelligent edge and the intelligent cloud by extending this level of built-in trust to devices and things everywhere.
“Our work with the community helps Microsoft continuously innovate and enhance security at every layer. We’re excited to make this revolutionary security design a reality with the biggest names in the silicon industry as we continuously work to enhance security for all.”
Asaf Shen, senior director of product management at Qualcomm Technologies, said: “Qualcomm Technologies is pleased to continue its work with Microsoft to help make a slew of devices and use cases more secure. We believe an on-die, hardware-based Root-of-Trust like the Microsoft Pluton is an important component in securing multiple use cases and the devices enabling them.”