Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Microsoft Unveils ‘Pluton’ Security Processor for PCs

Microsoft on Tuesday unveiled Pluton, a new security chip for Windows PCs that the tech giant will deliver through partnerships with Intel, AMD and Qualcomm.

Microsoft on Tuesday unveiled Pluton, a new security chip for Windows PCs that the tech giant will deliver through partnerships with Intel, AMD and Qualcomm.

Microsoft says its goal is to build security into the CPU in an effort to more tightly integrate hardware and software security and ultimately eliminate entire attack vectors. The technology that powers Pluton, which the company has described as “chip-to-cloud security technology,” has already been used in Xbox and the Azure Sphere IoT security solution, and Microsoft now wants to bring it to Windows PCs.

PCs currently use the Trusted Platform Module (TPM) to store encryption keys and data needed to ensure the integrity of the system, but this data is still exposed to attacks while passing through the communication channel between the TPM and the CPU, particularly if the attacker has physical access to the targeted system.

Pluton aims to address this by storing encryption keys and other sensitive data within the processor, thus eliminating the exposure of that communication channel and providing protection against speculative execution and other types of attacks.

“Windows PCs using the Pluton architecture will first emulate a TPM that works with the existing TPM specifications and APIs which will allow customers to immediately benefit from enhanced security for Windows features that rely on TPMs like BitLocker and System Guard,” Microsoft explained. “Windows devices with Pluton will use the Pluton security processor to protect credentials, user identities, encryption keys, and personal data. None of this information can be removed from Pluton even if an attacker has installed malware or has complete physical possession of the PC.”

Microsoft Pluton security chip

The technology will be integrated into future CPUs from Intel, AMD and Qualcomm, but it’s unclear when the new processors will become available to end users. Microsoft told SecurityWeek that it’s not sharing any specific information on timing or roadmap at this time.

AMD said the Pluton security processor will be “tightly integrated” into future client CPUs and accelerated processing units (APUs), which will also include AMD’s own security processor.

“[The AMD Security Processor (ASP)] and Microsoft Pluton help protect users’ confidential and personal data whether they are on the move or connected to a business network, even if their laptop has been lost or stolen,” AMD said. “The integrated design provides improved protection against attackers attempting to hide malicious code in the system or trying to steal credentials or encryption keys using sophisticated physical attacks.”

Related: Microsoft Adds New Data Corruption Preventions to Windows

Related: Microsoft Defender ATP Gets UEFI Scanner

Related: Microsoft Invests in Securing Device Firmware

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.

Application Security

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...

Application Security

Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that...

Endpoint Security

Red Hat announced on Tuesday the general availability of a malware detection service for Red Hat Enterprise Linux (RHEL) systems.