Microsoft has unveiled a new processor, which it described as a reflection of a new vision for Windows security to help ensure customers are protected today and in the future.
Developed in partnership with AMD, Intel, and Qualcomm Technologies, the Microsoft Pluton security processor is a chip-to-cloud security technology that was pioneered in Xbox and Azure Sphere. Microsoft said it will bring even more security advancements to future Windows PCs and signals the beginning of a journey with ecosystem and OEM partners.
“Our vision for the future of Windows PCs is security at the very core, built into the CPU, where hardware and software are tightly integrated in a unified approach designed to eliminate entire vectors of attack. This revolutionary security processor design will make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs,” Microsoft stated.
The tech giant said the Pluton design removes the potential for that communication channel to be attacked by building security directly into the CPU.
Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard.
Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.
In a statement, David Weston, Microsoft’s Director of Enterprise and OS Security, said that with the effectiveness of the initial Pluton design, the company and its partners have learned a lot about how to use hardware to mitigate a range of physical attacks.
“Now, we are taking what we learned from this to deliver on a chip-to-cloud security vision to bring even more security innovation to the future of Windows PCs (more details in this talk from Microsoft BlueHat). Azure Sphere leveraged a similar security approach to become the first IoT product to meet the ‘Seven properties of highly secure devices,’” Weston stated.
“Intel continues to partner with Microsoft to advance the security of Windows PC platforms. The introduction of Microsoft Pluton into future Intel CPUs will further enable integration between Intel hardware and the Windows operating system.” – Mike Nordquist, Sr. Director, Commercial Client Security, Intel.
“Qualcomm Technologies is pleased to continue its work with Microsoft to help make a slew of devices and use cases more secure. We believe an on-die, hardware-based Root-of-Trust like the Microsoft Pluton is an important component in securing multiple use cases and the devices enabling them.” – Asaf Shen, senior director of product management at Qualcomm Technologies, Inc.