'

Microsoft announces their Pluton Security Processor with AMD, Intel and Qualcomm

Boosting Windows Security with dedicated silicon

Microsoft announced Pluton Security Processor with AMD, Intel and Qualcomm

Microsoft announces their Pluton Security Processor with AMD, Intel and Qualcomm

Platform security has always been a critical concern for OS developers. Still, with the growing popularity of hardware-specific cyber-attack methods, there is a growing need for platform security to start at a deeper level, and Microsoft, AMD, Intel and Qualcomm are collaborating to address this issue. 

By working with its hardware partners, Microsoft has created their Pluton Security processor, a "chip-to-cloud" security technology which has been pioneered by Microsoft's Xbox division and Azure Sphere. Through this chip, Microsoft plans to bring security to the "very core" of Windows PC, tightly integrating hardware and software to "eliminate entire vectors of attack". 


   Our vision for the future of Windows PCs is security at the very core, built into the CPU, where hardware and software are tightly integrated in a unified approach designed to eliminate entire vectors of attack. This revolutionary security processor design will make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs.

 
At this time, it is unknown when AMD, Intel and Qualcomm will launch CPUs with Microsoft's Pluton Security processors. Firmware updates for this security processor will be controlled through Windows, allowing users to keep their processor's security up to date without relying on BIOS updates or other 3rd parties. 

Pluton will be easy to update and maintain and act as a security hub which is cut-off from other aspects of the user's CPU. Sensitive data like encryption keys will be stored on the Pluton processor, preventing CPU-based side-channel attacks from accessing sensitive information. This will enhance the security of future Windows PCs, greatly improving the entire PC ecosystem. 

  

Microsoft announced Pluton Security Processor with AMD, Intel and Qualcomm  

At this time, it is unknown when we will start seeing Pluton enhanced processors hit the market, though given AMD's work with Microsoft on Xbox One and newer consoles, it seems likely that they will be one of the first platform providers to ship Pluton-enabled CPUs. 

You can join the discussion on Microsoft's Pluton Security Processor on the OC3D Forums

«Prev 1 Next»

Most Recent Comments

18-11-2020, 06:17:51

dazbobaby
Coming from a company (Microsoft) who use closed source code, that has a multitude of bugs and security vulnerabilities, and a company (Intel) that not only rushed processors to the market that have system crippling vulnerabilities when patched, and an entire system opening back door.

All they're doing is creating another vector of attack for hackers. If they can't get access to your hardware, they'll attack the cloud instead.


System security isn't just about how secure your software and hardware is, it's also about users who have no clue, and that is always the weakest link.Quote

18-11-2020, 06:38:28

looz
Quote:
Originally Posted by dazbobaby View Post
Coming from a company (Microsoft) who use closed source code, that has a multitude of bugs and security vulnerabilities, and a company (Intel) that not only rushed processors to the market that have system crippling vulnerabilities when patched, and an entire system opening back door.

All they're doing is creating another vector of attack for hackers. If they can't get access to your hardware, they'll attack the cloud instead.

System security isn't just about how secure your software and hardware is, it's also about users who have no clue, and that is always the weakest link.
There isn't a single bit of multi-million line software without bugs or vulnerabilities. But we hear a fair bit about Windows since it's the most popular desktop OS and also often operated by laymen. And people who disable Windows Update... What comes to branch prediction vulnerabilities, that attack vector wasn't known when those processors were designed - and as such, it couldn't reasonably have been avoided.

And yes, social engineering and plain old phishing are a major source of data breaches. But ignoring other attack vectors is silly.

And what on earth you mean by attacking cloud? Phishing O365 credentials? Poking holes to cloud hosted services?Quote

18-11-2020, 06:45:21

Dicehunter
Quote:
Originally Posted by dazbobaby View Post
Coming from a company (Microsoft) who use closed source code, that has a multitude of bugs and security vulnerabilities, and a company (Intel) that not only rushed processors to the market that have system crippling vulnerabilities when patched, and an entire system opening back door.

All they're doing is creating another vector of attack for hackers. If they can't get access to your hardware, they'll attack the cloud instead.

System security isn't just about how secure your software and hardware is, it's also about users who have no clue, and that is always the weakest link.
I watched a deep dive video about a year ago on Intel's management engine, Some very shady stuff, Basically an embedded subsystem hardware back door originally put forward by various security agencies in the US and still in use today in Intels latest CPU's.Quote

18-11-2020, 06:50:21

looz
There's still no evidence of MCE being used in such manner - and it's impossible for that traffic to not be visible in firewall logs, for instance.
However, it can be used for remote managing a fleet of Intel PCs, and similar hardware exists on AMD.
But of course, having that level of access means that any vulnerabilities found in MCE are severe.Quote

18-11-2020, 09:10:31

g0ggles1994
This new Pluton will have a backdoor, I guarantee it. NSA, and GCHQ are rubbing their hands together laughingQuote
Reply
x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.