Microsoft and their hardware partners just announced the Secured-core PC initiative to combat threats that target the PC’s firmware and operating system.
With help from David Weston, Partner Director of Microsoft OS Security, here is everything you need to know about the Secured-core PC initiative!
What Is The Secured-core PC Initiative?
Secured-core PC is a new Microsoft initiative that they just announced. In partnership with their hardware partners, they aim to create a specific set of requirements for devices that are meant for secure use.
These requirements will apply the best practices in data security – isolation and minimal trust in the firmware layer and the device core that underpins the Windows operating system.
Secured-core PC devices will be targeted at industries like financial services, government and healthcare, and anyone who work with valuable IP, customer or personal data. They would also be useful for persons of interest, who would be high-value targets for hackers and nation-state attackers.
Is There A Need For Secured-core PC?
As more protection is built into the operating system and connected services, attackers are exploring other methods with firmware emerging as a top target.
The NIST’s National Vulnerability Database shows a near 5X increase in the number of firmware vulnerabilities in the last 3 years :
In late 2018, security researchers discovered that the hacking group Strontium targeted systems in the wild with malware that made use of firmware vulnerabilities.
Because it targeted firmware, the malicious code was hard to detect, and difficult to remove. It even persists after the operating system is reinstalled, or the storage drive replaced!
Why Is Firmware The New Target?
Firmware is used to initialise the hardware and software when a device is started up. It therefore has a higher level of access and privileges than the hypervisor and operating system kernel.
This means firmware attacks that succeed can undermine protective mechanisms like Secure Boot that the hypervisor or operating system use to protect against malware.
Firmware attacks can more easily evade endpoint protection and detection solutions, because the latter run under the operating system layer, and therefore have limited visibility of the firmware layer.
What Is A Secured-core PC Made Up Of?
Secured-core PCs will combine multiple layers of protection – identity, virtualisation, operating system, hardware and firmware – to prevent attacks, rather than simply detecting them.
They all ensure that the device will boot securely and is protected against firmware vulnerabilities, shielding the operating system from attacks and preventing unauthorised access to the device and data.
Recommended : How AMD CPUs Work In A Secured-core PC Device
System Guard Secure Launch
Microsoft is now implementing System Guard Secure Launch in Windows 10 as a key Secured-core PC requirement.
System Guard uses the Dynamic Root of Trust for Measurement (DRTM) capabilities built into the latest processors from AMD, Intel and Qualcomm, to protect the boot process from firmware attacks.
The firmware is used to start the hardware, and then shortly after, re-initialise the system into a trusted state. This helps to limit the trust assigned to the firmware, greatly mitigating against firmware attacks.
This method also helps protect the integrity of the Virtualisation-Based Security (VBS) feature in the hypervisor against firmware vulnerabilities. This is critical because VBS is used for important OS security functions like Windows Defender Credential Guard and Hypervisor-protected Code Integrity (HVCI).
Trusted Platform Module 2.0
Microsoft is also implementing Trusted Platform Module 2.0 (TPM) as a device requirement for Secured-core PCs.
It is used to measure the components that are used during the secure launch process, allowing for zero trust networks using System Guard runtime attestation.
Secured-core PC Availability
Secured-core PC devices are available from Dell, Dynabook, HP, Lenovo, Panasonic and Microsoft’s own Surface brand.
- How AMD CPUs Work In A Secured-core PC Device
- Key NVIDIA EGX Announcements @ MWC Los Angeles 2019!
- Yahoo Groups To Delete All User Content! Download ‘Em Now!
- Kingston DC500 SSDs Are Now Certified VMware Ready!
- Dell EMC PowerProtect DD for Multi-Cloud Data Protection
- NTT Mega Merger Continues In Malaysia, ASEAN + APAC!
- Red Hat Partners Are Driving APAC Hybrid Cloud Adoption!
- The 4G Belongs To Four US Telcos Hoax Debunked!
- The Alibaba Hanguang 800 (含光 800) AI NPU Explained!
- 3rd Gen X-Dragon Architecture by Alibaba Cloud Explained!
- Dell OptiPlex 7070 Ultra, A Flexible Modular Zero-Footprint PC!
- YES + TPG Launch VoLTE Roaming In Southeast Asia!
- Kambyan ManUsIA + AleX Laser Cutting Drone Technology!
- Yes, Yahoo Mail Is Still Alive… And They Have A New App!
- Microsoft + IDC : APAC Higher Education Can Double Innovation With AI!
- Acronis Cyber Penthouse with Williams F1 Racing Team!
- The NVIDIA ACE Design For Creator Laptops Explained!
- SAP Experience 2019 – An Intelligent Enterprise Conference
Go Back To > Cybersecurity | Computer | Home
Support Tech ARP!