In-depth

What is the Microsoft Pluton security processor?

A quick look at Microsoft's new approach to CPUs that promises to revolutionise Windows security

Abstract image of the Microsoft logo ontop of a glowing processor

Microsoft Pluton is the company's new type of secure processor that aims to revolutionise PC security by housing sensitive data inside the chip itself.

This approach is very different to existing processor architecture, which usually forces the CPU to interact with a separate trusted platform module (TPM), that houses sensitive data like critical system information and encryption keys. As cyber security threats have become more sophisticated, malicious actors have started to target the TPM, which has led to an explosion in the number of potential attack vectors.

Pluton has been specifically designed to address this weakness by essentially getting rid of this communication channel and instead hosting the sensitive information inside the chip. Microsoft says this makes it impossible to take information like encryption keys from the hardware, no matter what kind of attack is launched on the infrastructure.

Thanks to a collaboration between Microsoft, IntelQualcomm, and AMD, work on this new chip was first announced on 17 November 2020, and it builds on a previous version that powered the Xbox One games console.

How does Microsoft Pluton work?

It's safe to say that for most PCs today, the operating system's security is usually handled by the trusted platform module (TPM). This has been a feature of computing for over a decade and is an individual hardware component that stores encryption keys. In the present day, it’s used to support Windows security programmes like Hello and BitLocker.

This means that the CPU must communicate with the TPM, normally through what is known as a bus interface, so that the information can be shared. Despite this, it is worth noting that this unique communication channel exposes critical information to the outside world. This is something that is commonly targeted and exploited by hackers so that they can lift the sensitive data as it moves.

Pluton attempts to solve this by removing this communication channel altogether. Instead, the CPU emulates a TPM onboard the chip, complete with the same specs and APIs, and while still being able to support the same security features that Windows users have come to know. Data such as encryption keys, user biometric data, and account credentials can all be stored directly on the Pluton processor, which are effectively isolated.

Secure Hardware Cryptography Key (SHACK) technology is also used to encrypt the data it holds, adding an additional layer of security.

Hackers would be unable to extract this data as a result, even if they have malware installed or physical access to the machine, according to Microsoft.

When will Pluton processors be released?

The Pluton architecture is expected to feature in a future range of chips designed by AMD, Intel, and Qualcomm. No release date has been given.

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Almost 70% of CISOs expect a ransomware attack
ransomware

Almost 70% of CISOs expect a ransomware attack

19 Oct 2021
Acer Taiwan falls victim to cyber attack
hacking

Acer Taiwan falls victim to cyber attack

18 Oct 2021
Marsh McLennan reveals its cyber risk analytics center
risk management

Marsh McLennan reveals its cyber risk analytics center

15 Oct 2021
£100 contactless payment limit could place shoppers at risk, warn industry experts
Policy & legislation

£100 contactless payment limit could place shoppers at risk, warn industry experts

15 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021
What is cyber warfare?
Security

What is cyber warfare?

15 Oct 2021