This post has been republished via RSS; it originally appeared at: Windows Experience Blog.
2021 and into 2022 have seen continued innovation in the attack landscape as cybercriminals refine tactics and tools to evade defenses. 2021 saw the highest year on record for zero-day exploits, increased firmware attacks and new tampering attacks targeting security agents. Microsoft and our silicon partners have been vigilant in working to address these trends and we’re proud to share that Qualcomm and Microsoft have partnered on innovations designed to help keep the security capabilities in Windows 11 ahead of attackers. We’re excited today to announce that the Lenovo ThinkPad X13s, built with the Qualcomm Snapdragon 8cx Gen 3, is the first ARM platform for Windows that is built on the Microsoft Pluton security architecture. Pluton is at the center of the security capabilities for Windows 11 providing protection in the boot, identity, credential protection and encryption processes. Pluton also supports chip-to-cloud zero trust using the Azure Attestation Service with Intune. Beyond integrating Pluton, the Lenovo ThinkPad X13s is also a certified secured-core PC, which provides the best possible security capabilities for Windows 11 right out of the box.Pluton provides security from the chip to the cloud
Microsoft Pluton is a security processor architecture, pioneered in Xbox and Azure Sphere, that is designed to store sensitive data, like encryption keys, securely with hardware that is integrated into the die of a device’s CPU. This makes access more difficult for attackers, even if they have physical possession of a device. https://youtu.be/e_N4m7GIVgE Windows 11 PCs built on top of Qualcomm’s latest Snapdragon 8cx Gen 3 Compute Platform, with Qualcomm® Secure Processing Unit (SPU), will leverage advanced hardware capabilities from Microsoft Pluton and Pointer Authentication Codes (PAC). Pluton will leverage advanced hardware capabilities while built-in security countermeasures from PAC protect against common exploit patterns to help customers strengthen their device security posture. On Windows 11 PCs like the Lenovo ThinkPad X13s built with the Qualcomm Snapdragon 8cx Gen 3 Compute Platform, Pluton will provide customers with:- Security updates delivered from the cloud to Pluton
Alongside support for standard industry controls, Microsoft will help keep the Pluton security processor’s firmware up to date through the Windows Update process.
- Physical attack resistance
With Pluton being on the die of the device’s System on a Chip (SoC), attack vectors like bus interfaces that pass data between the SoC and other components on a motherboard are not exposed to physical attacks.
- Trusted, proven security built alongside our partners
Built on approaches and technologies used in Xbox and Azure Sphere, Pluton is the result of years of collaboration between Microsoft and Qualcomm Technologies and our other ecosystem partners. Alongside other lessons learned from Xbox that have been incorporated into secured-core PCs which help reduce malware instances by 60% and the Windows 11 hardware baselines, Pluton helps to protect sensitive data and add visibility to the boot process in tamper-resistant ways.