Microsoft has presented together with AMD, Intel and Qualcomm Technologies its new Microsoft Pluton security processor, to ensure the best protection for future PCs launching with Windows. This processor uses chip-to-cloud security technology, which makes things more difficult for attackers by having a greater integration between hardware and software security.
Microsoft promises that with Pluton, we will not only have greater protection against physical attacks, but also improve security against the theft of credentials and encryption keys.
Until now, the heart of system security is the TPM, a separate chip from the CPU that is used to help securely store keys and measurements that verify the integrity of the system. They are used for example by systems like Windows Hello or BitLocker. However, attackers have started to use the communication channel between the CPU and the TPM, showing that this can be a weak point in the security chain.
With Microsoft Pluto, this communication channel is eliminated as it is integrated into the CPU, so that the information cannot be eliminated from the processor, even if an attacker has installed malware or has complete physical possession of the PC. In addition, the exclusive technology of Secure Hardware Cryptography Key (SHACK), which helps ensure that keys are never exposed outside of protected hardware, not even Pluton’s own firmware.
“Security-built processors like Pluton are the future of computer hardware,” he says. David Weston, Director of Enterprise and OS Security at Microsoft. “We want to provide a more secure foundation for edge intelligence and cloud intelligence, extending this level of trust to any device.”