Microsoft Unveils Pluton Security Processor For Future Windows PCs And Will Be Integrated Into The CPU

Microsoft has developed a new security chip to help protect future Windows computers. The Microsoft Pluton chip will be embedded directly into future processors and replace the existing Trusted Platform Module (TPM) currently used to protect hardware and cryptographic keys. Pluton is built on the same security technologies used to protect Xbox consoles and the Azure Sphere OS. Microsoft is partnering with Intel, AMD, and Qualcomm to integrate Pluton into their upcoming processors.

Microsoft proposes that future Windows PCs build security into the very core of the computer: the central processing unit. In this integrated approach, where hardware and software are tightly coupled, entire classes of attack vectors can be eliminated. The new security processor design will make it much more difficult for attackers to hide their actions beneath the operating system. It will also improve the ability to fend off physical attacks and prevent the theft of credentials and encryption keys. Finally, such a design will make it possible to recover the system from software errors.

Microsoft notes that today the core of OS security on most PCs resides in a TPM chip that is separate from the central processor. Trusted Platform Modules have been used in Windows for over 10 years and support many security technologies such as Windows Hello and BitLocker. But attackers have begun to devise ways to attack this module, especially in situations where they can gain physical access to the system. These sophisticated attack methods target the communication channel between the CPU and TPM, usually a bus interface.

 


Because the security processor is integrated directly into the CPU, Pluton’s architecture eliminates this weak link and, with it, the possibility of attacking the communication channel. Windows computers using the Pluton architecture will initially emulate a TPM. This will work with existing TPM specifications and APIs and provide compatibility with current TPM-based Windows features. Windows devices with a Pluton security processor will use it to protect credentials, user IDs, encryption keys, and personal data. None of this information can be removed from Pluton, even if an attacker installs malware or takes full physical control of the computer.

This is achieved by securely storing sensitive data such as encryption keys inside the Pluton processor. The processor is isolated from the rest of the system, which helps prevent access to keys through new attack methods such as speculative execution. Pluton also offers Secure Hardware Cryptography Key (SHACK) technology, which ensures that keys are never revealed to anyone outside of the protected hardware, not even the Pluton firmware itself.

Pluton also addresses the issue of keeping system firmware up to date. Today, users receive updates to their security firmware from many different sources that can be difficult to manage. Pluton provides a flexible, upgradeable platform for running firmware. It implements end-to-end security features developed, maintained, and updated by Microsoft. Pluton for Windows computers will integrate with the Windows Update process.
