Microsoft brings its on-die Pluton security processor to Intel, AMD CPUs

2020-11-17 12:25

Microsoft is integrating its Pluton security processor directly into Intel, AMD, and Qualcomm CPUs to better secure Windows PCs.

Windows 10 gains enhanced security by utilizing specialized chips called Trusted Platform Modules (TPMs) to provide hardware-based security functions. These functions include generating cryptographic keys, protecting authentication credentials used by Windows Hello, and checking if the boot process has been maliciously modified.

As the TPM is a separate chip from the CPU, researchers have devised methods to steal data as it is transferred between the TPM and the CPU. This attack has been shown to allow local attackers to steal BitLocker decryption keys to gain access to encrypted drives.

Pluton security processors to the rescue

Microsoft is now partnering with Intel, AMD, and Qualcomm to introduce the Pluton security processor as an on-die chip in their CPUs. As an integrated processor, it will be able to perform secure cryptographic functions without the risk of data leaking as it is communicating with the CPU.

Introduced in the Xbox One and Azure Sphere, the Pluton security processor will emulate a TPM so that it can perform secure cryptographic functions and protect the boot process, encryption keys, and credentials directly on the CPU. This prevents malware and other malicious attacks from gaining access to the data.

To further enhance security, the Pluton security platform will verify the integrity of firmware to prevent malware from making malicious modifications. If new firmware is detected for devices, the processor will securely communicate with the cloud via Windows Update to download and install the updated software directly from Microsoft.

Embedded Pluton security processor

By utilizing the cloud to handle hardware firmware updates, Microsoft hopes to eliminate patching conflicts while maintaining a secure method of updating hardware.

"One of the other major security problems solved by Pluton is keeping the system firmware up to date across the entire PC ecosystem. Today customers receive updates to their security firmware from a variety of different sources that can be difficult to manage, resulting in widespread patching issues. Pluton provides a flexible, updateable platform for running firmware that implements end-to-end security functionality that is authored, maintained, and updated by Microsoft. Pluton for Windows computers will be integrated with the Windows Update process in the same way that the Azure Sphere Security Service connects to IoT devices," Microsoft explains in their announcement.

Microsoft, Intel, and AMD have not indicated when new processors with the integrated Pluton security processor will be available.


Source: www.bleepingcomputer.com/news/microsoft/microsoft-brings-its-on-die-pluton-security-processo
