Microsoft’s new ‘Pluton’ security processor gets buy-in from Intel, AMD

Written by

Microsoft and three major computing vendors — AMD, Intel and Qualcomm Technologies — on Tuesday said they would produce security chips designed to keep attackers from stealing critical data such as encryption keys and credentials from computing systems.

The goal is to guard against a relatively new breed of attack techniques, made famous by the 2018 Spectre and Meltdown vulnerabilities, that pry data from a computer’s most sensitive enclaves. To do this, Microsoft said it will store critical data on the chip itself, isolating it from the rest of the system.

Advocates of the new security chip, known as Pluton, say it will cut off a key vector for data-stealing attacks: a communication channel between a computing system’s central processing unit (CPU) and another piece of hardware known as the trusted platform module (TPM). In one example of that type of attack, researchers from security company NCC Group in 2018 showed how an attacker could undermine the booting process for “a large number of TPM-enabled computing platforms.”

The Pluton chip will be built into Windows computers through “future chips” made by AMD, Intel and Qualcomm, Microsoft said. It’s unclear when, exactly, all of that hardware will be on the market. Microsoft would only say that the work is ongoing.

It’s the latest effort by major technology companies to make attacks against hardware and firmware, the permanent code within a device’s memory, more difficult. Microsoft last year started an initiative to ensure its PCs load legitimate Windows operating systems rather than a malicious OS planted by an outsider. That effort came part as a response to the revelation that Russian hackers had proved capable of breaching firmware in a way that enabled them to access stored credentials and memory functions.

The U.S. government has also invested in firmware security projects. The National Security Agency, for example, last year announced an effort that essentially places a machine’s firmware in a container, isolating it from would-be attackers.

David Weston, Microsoft’s director of enterprise and operating system security, said Pluton would force malicious hackers to spend more resources to reverse-engineer equipment in order to mount attacks.

“Our goal is to reduce as much of the available attack surface as possible by tightening the integration between hardware and software,” Weston said in an email.

Having physical access to a PC increases the options that attackers have to plant malicious code in the firmware and retain remote access to the computer. But Weston said that even if a hacker has physical access to a computer with Pluton installed, they would not be able to remove encryption keys or personal data.

Independent hardware security experts will be closely watching how the Pluton chip performs in action. The collaboration from major chip vendors was striking in its own right, said Joe FitzPatrick, an instructor and researcher at SecuringHardware.com, a training site.

“Microsoft clearly put lots of technical work into a solid solution — solid enough to convince three leading CPU manufacturers to incorporate an external IP block into their own silicon,” FitzPatrick said. “A decade ago, they’d each have come up with their own implementation, expecting Microsoft to support it.”