Connect with us

Microsoft

MWC 2022: The next Microsoft Pluton Device + PAC technology

2021 and into 2022 have seen continued innovation in the attack landscape as cybercriminals refine tactics and tools to evade defenses. 2021 saw the highest year on record for zero-day exploits, increased firmware attacks and new tampering attacks targeting security agents. Microsoft and our silicon partners have been vigilant in working to address these trends…

Published

on

2021 and into 2022 have seen continued innovation in the attack landscape as cybercriminals refine tactics and tools to evade defenses. 2021 saw the highest year on record for zero-day exploits, increased firmware attacks and new tampering attacks targeting security agents. Microsoft and our silicon partners have been vigilant in working to address these trends and we’re proud to share that Qualcomm and Microsoft have partnered on innovations designed to help keep the security capabilities in Windows 11 ahead of attackers. 

We’re excited today to announce that the Lenovo ThinkPad X13s, built with the Qualcomm Snapdragon 8cx Gen 3, is the first ARM platform for Windows that is built on the Microsoft Pluton security architecture.  Pluton is at the center of the security capabilities for Windows 11 providing protection in the boot, identity, credential protection and encryption processes. Pluton also supports chip-to-cloud zero trust using the Azure Attestation Service with Intune. Beyond integrating Pluton, the Lenovo ThinkPad X13s is also a certified secured-core PC, which provides the best possible security capabilities for Windows 11 right out of the box. 

Pluton provides security from the chip to the cloud

Microsoft Pluton is a security processor architecture, pioneered in Xbox and Azure Sphere, that is designed to store sensitive data, like encryption keys, securely with hardware that is integrated into the die of a device’s CPU. This makes access more difficult for attackers, even if they have physical possession of a device. 


Windows 11 PCs built on top of Qualcomm’s latest Snapdragon 8cx Gen 3 Compute Platform, with Qualcomm® Secure Processing Unit (SPU), will leverage advanced hardware capabilities from Microsoft Pluton and Pointer Authentication Codes (PAC). Pluton will leverage advanced hardware capabilities while built-in security countermeasures from PAC protect against common exploit patterns to help customers strengthen their device security posture. On Windows 11 PCs like the Lenovo ThinkPad X13s built with the Qualcomm Snapdragon 8cx Gen 3 Compute Platform, Pluton will provide customers with: 

  • Security updates delivered from the cloud to Pluton  

Alongside support for standard industry controls, Microsoft will help keep the Pluton security processor’s firmware up to date through the Windows Update process. 

  • Physical attack resistance 

With Pluton being on the die of the device’s System on a Chip (SoC), attack vectors like bus interfaces that pass data between the SoC and other components on a motherboard are not exposed to physical attacks. 

  • Trusted, proven security built alongside our partners 

Built on approaches and technologies used in Xbox and Azure Sphere, Pluton is the result of years of collaboration between Microsoft and Qualcomm Technologies and our other ecosystem partners. Alongside other lessons learned from Xbox that have been incorporated into secured-core PCs which help reduce malware instances by 60% and the Windows 11 hardware baselines, Pluton helps to protect sensitive data and add visibility to the boot process in tamper-resistant ways.  

ARM pointer authentication in the QC 8CX G3 helps customers stay ahead of zero-day exploits 

With zero-day exploits targeting memory safety issues reaching record numbers in 2021, Microsoft has continued investing in mitigations against sources of vulnerabilities, including partnering with silicon providers to launch new capabilities like hardware shadow stacks which help disrupt common zero-day exploit techniques. The hardware stack protection (HSP) feature in Windows 11 leverages hardware support to efficiently store return addresses in a shadow stack alongside the software call stack in all programs. This helps to address a common attack in zero-day exploits where the software stack is modified or hijacked to execute malicious code. With the HSP feature the software stack must match the return addresses store in hardware.  If there is a mismatch, a process is safely terminated by the operating system, preventing a successful attack. 

With Windows 11 on the Snapdragon 8cx Gen 3, the ARM pointer authentication hardware capability provides similar robust mitigation against exploits that leverage return-oriented programming (ROP) or stack modification techniques on ARM-based Windows systems.  

Windows binaries are compiled with Pointer Authentication Code instructions, injecting a hash (the PAC) for return addresses at function prologue and verifying the hash immediately before function return to verify that the return address has not been tampered. Windows 11 utilizes the Snapdragon 8cx Gen 3 hardware schemes to generate and verify the PAC to provide resilience against attacks that overwrite the intended return address. This helps to break a common technique attackers use to try to execute malicious code. 

Windows 11 and the Snapdragon 8cx Gen 3 provide advanced capabilities like Microsoft Pluton, Secured-core firmware protection and ARM Pointer Authentication, which together provide the best level of protection for Windows PCs. With devices like the Lenovo ThinkPad X13s with Windows 11, customers are empowered to work and play from anywhere with greater peace of mind knowing that protection is built-in from the chip to the cloud to keep attackers at bay. 

Learn more about Microsoft Pluton and secured-core PCs.  

Source

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

Introducing CoreAI – Platform and Tools

Satya Nadella, Chairman and CEO, shared the below communication with Microsoft employees this morning. As we begin the new year, it’s clear that we’re entering the next innings of this AI platform shift. 2025 will be about model-forward applications that reshape all application categories. More so than any previous platform shift, every layer of the……

Published

on

By

Satya Nadella, Chairman and CEO, shared the below communication with Microsoft employees this morning. As we begin the new year, it’s clear that we’re entering the next innings of this AI platform shift. 2025 will be about model-forward applications that reshape all application categories. More so than any previous platform shift, every layer of the…

Source

Continue Reading

Microsoft

Celebrating Windows 11 PC innovations announced at CES

As we reflect on the incredible innovations showcased at CES 2025, it’s evident that the future of Windows 11 will enable new possibilities and experiences for our customers. Throughout the last year and this week at CES, our partners continue to adv Source

Published

on

By

As we reflect on the incredible innovations showcased at CES 2025, it’s evident that the future of Windows 11 will enable new possibilities and experiences for our customers. Throughout the last year and this week at CES, our partners continue to adv

Source

Continue Reading

Business

The future of retail with Dynamics 365 AI-powered ERP solutions

This year at NRF, we will showcase the latest AI and agent innovations in Dynamics 365 AI-powered ERP and Service solution. Learn more. Source

Published

on

By

This year at NRF, we will showcase the latest AI and agent innovations in Dynamics 365 AI-powered ERP and Service solution. Learn more.

Source

Continue Reading

Trending

Copyright © 2021 Today's Digital.