
What is the Microsoft Pluton security processor?

A quick look at Microsoft's new approach to CPUs that promises to revolutionise Windows security


Microsoft Pluton is a new type of secure processor that promises to revolutionise PC security by housing sensitive data inside the chip.

This approach deviates markedly from existing processor architecture, which normally forces the CPU to communicate with a separate trusted platform module (TPM), which stores sensitive data such as encryption keys and critical system information. As cyber security threats have become more sophisticated, hackers have started to target the TPM, something which has led to an explosion in the number of potential attack vectors.

Pluton is designed to address this vulnerability by effectively removing this channel of communication and instead hosting this sensitive information inside the chip. Microsoft claims this makes it impossible to lift things like encryption keys from the hardware, regardless of the type of attack used.

Following a collaboration between Microsoft, AMD, Intel, and Qualcomm, work on the chip was first announced on 17 November 2020, building on a previous iteration that powered the Xbox One.

How does Microsoft Pluton work?

On most PCs today, operating system security is largely handled by the trusted platform module (TPM). This separate hardware component stores encryption keys and has been a mainstay in computing for more than a decade. Today it’s used to support Windows security programmes like Hello and BitLocker.

The CPU needs to communicate with the TPM, usually across a bus interface, in order for this information to be shared. However, this communication channel also exposes the information to the outside world, and hackers frequently target and exploit it to lift sensitive data as it moves.

Pluton attempts to solve this by removing this communication channel altogether. Instead, the CPU emulates a TPM onboard the chip, complete with the same specs and APIs, while still supporting the same security features that Windows users have come to know. Data such as encryption keys, user biometric data, and account credentials can all be stored directly on the Pluton processor, where they are effectively isolated.

Secure Hardware Cryptography Key (SHACK) technology is also used to encrypt the data Pluton holds, adding a further layer of security.

Hackers would be unable to extract this data as a result, even if they have malware installed or physical access to the machine, according to Microsoft.

When will Pluton processors be released?

The Pluton architecture is expected to feature in a future range of chips designed by AMD, Intel, and Qualcomm. No release date has been given.
