Microsoft Pluton Windows PC security processor announced

by Mark Tyson on 18 November 2020, 13:11

Tags: Microsoft (NASDAQ:MSFT)


Microsoft has announced its latest innovation in the fight against the evolving PC threat landscape. Working closely with the likes of AMD, Intel and Qualcomm, it plans for every new processor to include the Microsoft Pluton Processor. The new security chip technology was pioneered on the Xbox One console (since 2013) to prevent hacking and piracy, and more recently rolled out for Microsoft’s cloud service Azure Sphere to secure low-cost IoT devices.

The new Pluton design is claimed to redefine Windows security at the CPU. In effect, integrating Pluton in upcoming processors from its partners will greatly reduce the attack surface open to hackers. Over recent years the communications channel between the CPU and TPM has been increasingly targeted by hackers, and this channel will be effectively eliminated with an on-chip Pluton component.

Microsoft says that Windows devices with Pluton will use the processor to protect credentials, user identities, encryption keys, and personal data. Importantly, none of this potentially sensitive information can be plucked from Pluton, even if an attacker has direct machine access and/or has installed malware to attempt to grab user data. It is explained that Pluton is on the central processor but isolated from the rest of the system, and thus helps quash emerging attack techniques like speculative execution. Moreover, Pluton provides "Secure Hardware Cryptography Key (SHACK) technology that helps ensure keys are never exposed outside of the protected hardware, even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers," says Microsoft.

Another benefit of Pluton is that it removes the major security problem of firmware updates. Microsoft says that Pluton provides a flexible, updateable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft. In the same way that Azure Sphere Security Service connects to IoT devices, Pluton for Windows computers will be integrated with the Windows Update process.

Microsoft shared Pluton testimonials from its partners in a blog post about the security technology. Future processors from AMD, Intel and Qualcomm will be instrumental in advancing the adoption of Pluton and making Windows PCs more secure than ever.

A warning from (Apple) history

The above sounds very positive as a development that is analogous to Apple's T2 security chip, launched back in 2017. However, it must be noted that security researchers found an unfixable security flaw in Apple's implementation last month. It is thought that the so-called Checkm8 vulnerability could very well open up the Mac to deep hacker access and to the very threats the T2 is specifically designed to prevent.

 


HEXUS Forums :: 10 Comments

Can we opt out?
Yes the ability to turn it off would be preferred.
AGTDenton
Can we opt out?
Not really, this is built in at the CPU level.

Whether this is integrated into consumer chips is the real question as this is basically designed to replace the TPM mainly found on ‘business’ hardware.
It was bad enough when an OS and system had such a small market share with a T2 chip, now it's going to be a much wider share of a far more prolific OS to have such a chip is a pain in the behind.

As long as it has no ability to interfere with the CPU and manage/monitor/manipulate the CPU then that's fine but then it's a waste of silicon.

Look at the IME, it's still having problematic vulnerabilities and exploits being found from donkeys ago!
I guess the fact that Big Sur has a flaw where any code can bypass a VPN or firewall is small fry then…