Microsoft today announced the Microsoft Pluton security processor, which will bring security advancements to future Windows PCs. Microsoft worked with AMD, Intel, and Qualcomm on the new processor. Pluton will make it significantly more difficult for attackers to gain access to the system, and it will also improve Microsoft’s ability to guard against physical attacks, prevent the theft of credentials and encryption keys, and provide the ability to recover from software bugs.
More info about Microsoft Pluton:
- The Pluton design builds security directly into the CPU, which removes the potential for the communication channel between the CPU and a separate TPM chip to be attacked.
- Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs, like BitLocker and System Guard.
- Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.
- This is accomplished by storing sensitive data like encryption keys securely within the Pluton processor, which is isolated from the rest of the system, helping to ensure that emerging attack techniques, like speculative execution, cannot access key material.
- Pluton also provides the unique Secure Hardware Cryptography Key (SHACK) technology that helps ensure keys are never exposed outside of the protected hardware, even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers.
- Pluton provides a flexible, updateable platform for running firmware that implements end-to-end security functionality that is authored, maintained, and updated by Microsoft. Pluton for Windows computers will be integrated with the Windows Update process in the same way that the Azure Sphere Security Service connects to IoT devices.
“At AMD, security is our top priority and we are proud to have been at the forefront of hardware security platform design to support features that help safeguard users from the most sophisticated attacks. As a part of that vigilance, AMD and Microsoft have been closely partnering to develop and continuously improve processor-based security solutions, beginning with the Xbox One console and now in the PC. We design and build our products with security in mind and bringing Microsoft’s Pluton technology to the chip level will enhance the already strong security capabilities of our processors.” – Jason Thomas, head of product security, AMD
“Intel continues to partner with Microsoft to advance the security of Windows PC platforms. The introduction of Microsoft Pluton into future Intel CPUs will further enable integration between Intel hardware and the Windows operating system.” – Mike Nordquist, Sr. Director, Commercial Client Security, Intel
“Qualcomm Technologies is pleased to continue its work with Microsoft to help make a slew of devices and use cases more secure. We believe an on-die, hardware-based Root-of-Trust like the Microsoft Pluton is an important component in securing multiple use cases and the devices enabling them.” – Asaf Shen, senior director of product management at Qualcomm Technologies, Inc.