Microsoft on Tuesday unveiled Pluton, a new security chip for Windows PCs that the tech giant will deliver through partnerships with Intel, AMD and Qualcomm.
Microsoft says its goal is to build security into the CPU in an effort to more tightly integrate hardware and software security and ultimately eliminate entire attack vectors. The technology that powers Pluton, which the company has described as “chip-to-cloud security technology,” has already been used in Xbox and the Azure Sphere IoT security solution, and Microsoft now wants to bring it to Windows PCs.
PCs currently use the Trusted Platform Module (TPM) to store encryption keys and data needed to ensure the integrity of the system, but this data is still exposed to attacks while passing through the communication channel between the TPM and the CPU, particularly if the attacker has physical access to the targeted system.
Pluton aims to address this by storing encryption keys and other sensitive data within the processor, thus eliminating the exposure of that communication channel and providing protection against speculative execution and other types of attacks.
“Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard,” Microsoft explained. “Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.”
The technology will be integrated into future CPUs from Intel, AMD and Qualcomm, but it’s unclear when the new processors will become available to end users. Microsoft told SecurityWeek that it’s not sharing any specific information on timing or roadmap at this time.
AMD said the Pluton security processor will be “tightly integrated” into future client CPUs and accelerated processing units (APUs), which will also include AMD’s own security processor.
“[The AMD Security Processor (ASP)] and Microsoft Pluton help protect users’ confidential and personal data whether they are on the move or connected to a business network, even if their laptop has been lost or stolen,” AMD said. “The integrated design provides improved protection against attackers attempting to hide malicious code in the system or trying to steal credentials or encryption keys using sophisticated physical attacks.”
Related: Microsoft Adds New Data Corruption Preventions to Windows

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Hive Ransomware Operation Shut Down by Law Enforcement
- UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
- Dozens of Cybersecurity Companies Announced Layoffs in Past Year
- Security Update for Chrome 109 Patches 6 Vulnerabilities
- New Open Source OT Security Tool Helps Address Impact of Upcoming Microsoft Patch
- Forward Networks Raises $50 Million in Series D Funding
Latest News
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- Microsoft Urges Customers to Patch Exchange Servers
- Iranian APT Leaks Data From Saudi Arabia Government Under New Persona
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Cyberattacks Target Websites of German Airports, Admin
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
