Security News > 2020 > November > Microsoft's new security chip takes PC protection to a higher level
"In a nutshell, Microsoft is handing over a processor design, with the firmware, to our three biggest silicon providers for the PC ecosystem. And we think this is really going to raise the fundamental security bar almost immediately, both for consumers and enterprises. This is something across the board that is just going to be part and parcel of our products, and really push us forward into the next years in terms of what security looks like," Microsoft's partner director of enterprise and OS security David Weston told TechRepublic.
"You can turn off Pluton and go with a conventional TPM. There will be some RFPs that say, 'to get onto this secret network you've got to have this', and there are different geographies across the world where they have a specific security process that they expect. Pluton keeps its security capabilities, and it manages its own when it's enabled, but it can definitely work in concert with other security processors or it can be turned off, and that choice is something we explicitly designed in."
"In the end, most security problems come from a lack of hygiene; you didn't apply patches, you didn't do the basic things. We are making the basic things incredibly simple. You update on Patch Tuesday, and we are updating your security processor. Today, with TPMs you've got to chase down your manufacturer and you've got to chase down the person who made the TPM - you have to do work, and as a result, we don't see the patch levels of security processors nearly as high as they should be. And that's a massive cause for concern," he said.
"With Pluton, Microsoft security engineers are writing this, we're going through the full security assurance lifecycle that you would expect from a Microsoft product. We've got a track record here with both Azure Sphere and with Xbox, and we are making this available on Patch Tuesday just like it was any other component in the operating system. So, if you have something like the ROCA issues that impacted TPM some time ago, able to issue an update that's comprehensive to the ecosystem in one stroke."
"I think what makes the PC ecosystem unique over some of the competitive ecosystems is the choice: in the PC ecosystem, you can buy a gaming PC, you can buy a tiny two-in-one, you can buy a monster desktop that you built yourself. People come to the PC ecosystem because they can have a choice. The challenge with that is we want to support that choice, without fragmenting the security baseline."
News URL
Related news
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Security? We've heard of it: How Microsoft plans to better defend Windows (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)