Microsoft has announced its latest innovation in the fight against the evolving PC threat landscape. Working closely with the likes of AMD, Intel and Qualcomm, it plans for every new processor to include the Microsoft Pluton Processor. The new security chip technology was pioneered on the Xbox One console (since 2013) to prevent hacking and piracy, and more recently rolled out for Microsoft’s cloud service Azure Sphere to secure low-cost IoT devices.
The new Pluton design is claimed to redefine Windows security at the CPU. In effect, integrating Pluton in upcoming processors from its partners will greatly reduce the attack surface open to hackers. Over recent years, the communications channel between the CPU and TPM has been increasingly targeted by hackers, and an on-chip Pluton component will effectively eliminate that channel.
Microsoft says that Windows devices with Pluton will use the processor to protect credentials, user identities, encryption keys, and personal data. Importantly, none of this potentially sensitive information can be plucked from Pluton, even if an attacker has direct machine access and/or has installed malware to attempt to grab user data. It is explained that Pluton sits on the central processor but is isolated from the rest of the system, and thus helps quash emerging attack techniques such as those that abuse speculative execution. Moreover, Pluton provides "Secure Hardware Cryptography Key (SHACK) technology that helps ensure keys are never exposed outside of the protected hardware, even to the Pluton firmware itself, providing an unprecedented level of security for Windows customers," says Microsoft.
Another benefit of Pluton is that it removes the major security problem of firmware updates. Microsoft says that Pluton provides a flexible, updateable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft. In the same way that Azure Sphere Security Service connects to IoT devices, Pluton for Windows computers will be integrated with the Windows Update process.
Microsoft shared Pluton testimonials from its partners in a blog post about the security technology. Future processors from AMD, Intel and Qualcomm will be instrumental in advancing the adoption of Pluton and making Windows PCs more secure than ever.
A warning from (Apple) history
The above sounds very positive, as a development analogous to Apple's T2 security chip, launched back in 2017. However, it must be noted that security researchers found an unfixable security flaw in Apple's implementation last month. It is thought that the so-called Checkm8 vulnerability could very well open up the Mac to deep hacker access and to the very threats the T2 is specifically designed to prevent.