Microsoft is teaming up with Intel, AMD, and Qualcomm to work on a new security chip that will be integrated directly into the CPU die on Windows PCs. Code-named “Pluton,” the chip aims to help make upcoming laptops and desktops more secure, and prevent attacks or security exploits like Spectre and Meltdown, which plagued the PC industry in 2018.
According to Microsoft, this new “Pluton” chip is based on a chip-to-cloud technology, which is already seen in Xbox game consoles and Microsoft’s Azure Sphere. Essentially, that means the chip is able to eliminate the bus interface between a laptop or desktop’s CPU and the Trusted Platform Module (TPM), where Windows stores security keys and other data used to verify the integrity of the system.
As seen with Spectre and Meltdown, attackers with physical access to a PC can leverage that bus interface to steal the information in the TPM using certain methods. However, Pluton will be built directly into the CPU and will work by replacing and emulating a TPM. In turn, the information can’t be removed from the Pluton chip, even with malware or with physical access to the PC, according to Microsoft. It’s the same kind of physical attack protection that won’t let you run pirated games on an Xbox One or Series X/S. It makes your PC more secure.
“This is accomplished by storing sensitive data like encryption keys securely within the Pluton processor, which is isolated from the rest of the system, helping to ensure that emerging attack techniques, like speculative execution, cannot access key material,” said David Weston, director of Enterprise and OS Security at Microsoft.
The chip also goes beyond physical security. Part of the problem with the 2018 Spectre and Meltdown attacks was that processors needed to be patched via firmware and microcode updates. That is not always an easy process, since it requires going through different resources to update securely. Pluton will bring “a flexible, updatable platform for running firmware.” This means that firmware updates for a PC will be managed through Windows Update, as maintained by Microsoft.
There’s also the worry of digital rights management (DRM). With the security in the chip, updates are being controlled by Microsoft’s infrastructure. But, as reported by The Verge, Pluton is more about security than DRM. “This is really about mainstream security and protecting identity and encryption keys,” Microsoft told the publication.
No word yet on when the first PCs with the Pluton chip will ship. But Intel, AMD, and Qualcomm have partnered with Microsoft and committed to continuing to develop the technology.