HackDig : Dig high-quality web security articles for hackers

Windows 10 hardware security enabled by default on new Surface PC

2021-01-11 18:25

Windows 10 hardware security enabled by default on new Surface PC

Microsoft has unveiled today the new Surface Pro 7+ for enterprise and educational customers, an ultra-light 2-in-1 device that comes with Windows Enhanced Hardware Security features enabled by default.

The new Surface PC will help defend against escalation of privilege attacks which target sensitive info stored in a device's memory with the help of virtualization-based security (VBS) and Hypervisor-protected code integrity (HVCI) — also known as Memory Integrity.

The two hardware security features will be turned on by default on all Surface Pro 7+ devices to protect business customers' data.

VBS and HVCI use hardware virtualization capabilities to isolate a memory region from the main OS which blocks threat actors' privilege escalation attempts.

"Most recent Surface devices and Windows PCs from many other OEMs that have virtualization support are also capable of using these features," Microsoft said.

"Customers can turn on the Memory integrity feature in the device security settings, which also automatically checks if devices are capable."

Windows Enhanced Hardware Security features also boost defenses against malware (Trickbot) and human-operated ransomware attacks (RobbinHood) with 60% fewer malware reports being submitted on HVCI-protected systems.

Removable SSD and secure boot

The newly released Surface Pro 7+ for business also comes with Secure Boot which checks the devices' firmware for any signs of tampering.

Customers are also protected from attacks with the help of a security processor (TPM 2.0) which secures and encrypts data and the Windows Hello feature which enables passwordless sign-ins.

Surface Pro 7+ also features a removable SSD drive which enables enterprise and educational organizations to protect their data privacy.

"For the first time, Surface Pro 7+ ships with Windows Enhanced Hardware Security features enabled out of the box," Robin Seiler, Microsoft Devices Corporate VP, said.

"We are excited to see such great boosts in both performance and battery while enabling robust Device Protection features."

Surface Pro 7+ for Business ships at the end of this week and it joins other recently shipped Surface devices such as Surface Book 3, Surface Laptop Go, and Surface Pro X which also come with HVCI and VBS toggled on out of the box.

Last year, Microsoft issued guidance on how to resolve problems with Windows 10 2004 upgrades being blocked and loading driver issues in Windows 10 caused by the Memory Integrity security feature.


Source: en-no-tluafed-yb-delbane-ytiruces-erawdrah-01-swodniw/ytiruces/swen/moc.retupmocgnipeelb.www

Read:88 | Comments:0 | Tags:Security Microsoft security

“Windows 10 hardware security enabled by default on new Surface PC”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud