Microsoft, in collaboration with AMD, Intel and Qualcomm, today presented a new processor called Microsoft Pluton.
This is the result of a shared vision of the future of Windows PCs that will bring security to the heart of devices, protecting users from the most advanced threats, especially at a time like the current one when PCs play an increasingly crucial role, helping people to stay
The new Microsoft Pluton processor, which capitalises the virtuous experience of the
Microsoft Pluton will introduce some new features and improvements, including greater ability to protect itself from physical and/or hardware attacks that target identities and encryption keys to steal sensitive information; ability to monitor firmware and verify
The security processor design will make it much more difficult for attackers to hide under the operating system and improve the ability to protect against physical attacks, prevent theft of credentials and encryption keys and provide the possibility of recovery from bu
Currently, the core of operating system security on most PCs is a separate CPU chip, called Trusted Platform Module (TPM).
The TPM is a hardware component used to safely store keys and measurements that check the integrity of the system.
TPMs have been supported in Windows for more than 10 years and feed many critical technologies like Windows Hello and BitLocker. Given the effectiveness of the TPM in performing critical security tasks, attackers have started to look for ways to attack it, particularly in situations where a malicious user can temporarily steal or obtain physical access to a PC.
These sophisticated attack techniques target the communication channel between the CPU and the TPM, which is generally a bus interface.
The Pluton design eliminates the possibility that that communication channel is attacked by building security directly in the CPU.
Windows PCs using Pluton architecture will first emulate a TPM that works with existing TPM specifications and APIs, which will allow customers to immediately benefit from enhanced security for Windows features that are based on TPM Windows devices with Microsoft Pluton will use the security processor to protect credentials, user identity, encryption keys and personal data. None of this information can be removed from Pluton even if a malicious user has installed malware or has complete physical possession of the PC.
This is achieved by storing sensitive data as encryption keys securely within the Pluton processor, which is isolated from the rest of the system, helping to ensure that emerging attack techniques, such as speculative execution, cannot access key material Microsoft Pluton also provides the exclusive SHACK (Secure Hardware Cryptography Key) technology that helps ensure that keys are never exposed outside of the protected hardware, even to the firmware Plu