Microsoft will replace TPMs and protect PCs from dangerous attacks.
What you need to know
- Microsoft announced Microsoft Pluton, a security processor.
- Microsoft worked with AMD, Intel, and Qualcomm on Pluton.
- The technology builds off of advancements that Microsoft used on the Xbox One and Azure Sphere.
Microsoft is working to protect PCs with a new type of security chip called Pluton. The security processor will be built directly into CPUs and replace the Trusted Platform Module (TPM). Microsoft worked with AMD, Intel, and Qualcomm on Pluton.
Currently, PCs have a TPM, which stores keys and measurements. TPMs have been used by Windows PCs for over 10 years and currently power security technologies such as Windows Hello and BitLocker. While TPMs can be very effective, attackers have found workarounds, many of which take advantage of physical access to PCs. Attacks that rely on physical access target the communication between the TPM and a PC's CPU.
In contrast with TPMs, Pluton processors are built directly into the CPU. They will emulate a TPM, meaning that existing TPM specifications and APIs will still work, but the physical processor itself will be built into the CPU. As a result, identities, credentials, encryption keys, and personal data cannot be removed from Pluton processors, even if someone has physical access to a PC.
Microsoft explains its goal for security on Windows 10 in a blog post:
"Our vision for the future of Windows PCs is security at the very core, built into the CPU, where hardware and software are tightly integrated in a unified approach designed to eliminate entire vectors of attack. This revolutionary security processor design will make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs."
Pluton is a chip-to-cloud security technology. It innovates by keeping firmware up to date across an entire PC ecosystem. Instead of updating firmware from different sources, Pluton creates a platform with end-to-end security. Microsoft explains that "Pluton provides a flexible, updateable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft."
Microsoft's Pluton uses technology originally built for the Xbox One. The Pluton design was introduced in 2013 in the Xbox One as a result of the partnership between AMD and Microsoft. It has also been used within Azure Sphere. Microsoft is applying lessons that it and its OEM partners learned on other platforms to protect PCs with Pluton.
Pluton will appear on chips from AMD, Intel, and Qualcomm.