Microsoft teams up with chipmakers to boost PC security

Microsoft Corp. said it has developed a security technology that chipmakers Intel Corp. and Advanced Micro Devices Inc. plan to incorporate into personal-computer processors to boost their ability to ward off hackers and cyber-attacks.

Intel and AMD said chips with the new technology, which Microsoft is calling Pluton, will be ready within the next few years. Qualcomm Inc. expressed support for the approach, but declined to say whether it would incorporate this specific design in its chips. Microsoft and the chip companies for years have been seeking ways to bolster computer protection by locking important information like passwords and security certificates in hardware, making it tougher for hackers to exploit vulnerabilities in one computer program or part of a device and use that weakness to take over an entire machine.

The Microsoft design will be directly embedded on the main computer processor, which makes it harder to hack PCs and laptops, and will offer more consistency in PC security if the technology is widely used. The advantage that on-chip security offers over software-based protection is that physical access to the machine is usually required to hack in, compared with the risk of a remote attack via the internet. That's become even more important during the Covid-19 pandemic, because many company employees are working remotely on home hardware rather than operating behind corporate firewalls.

“You're now talking about maybe a few people in the world that have the tools and expertise” to hack a system using the new Microsoft technology, said David Weston, a partner director working on enterprise and operating system security at Microsoft.

Even when chips are currently used to protect passwords and other essential information, they are often separate from a PC's central processor unit, or CPU. The link between those two chips has been identified by hackers as a potential vulnerability. By building the security circuitry into the CPU itself, that connection isn't needed, meaning there's one less area open to illicit access.

ALSO READ: Hackers claim they can jailbreak Macs, MacBooks with Apple's T2 security chip

Microsoft is trying to repurpose technology used in its Xbox game consoles — which now guards against hardware hacks to use games that haven't been paid for— to make attacks on Windows-based personal computers more difficult. The technology was developed by Microsoft's in-house chip engineers, a team that has grown as the software maker engages in more custom processor design and development for products like the Xbox and the company's HoloLens augmented reality goggles. Microsoft plans to continue its expansion into chips, but is unlikely to focus on general-purpose chips like  those from Intel, AMD and Qualcomm, said Microsoft Chief Product Officer Panos Panay.

“Where we think we need to invest in silicon, we are absolutely going to,” Panay said. “If there's a need, we're going to fill it.”

The idea of embedding security inside chips isn't new — chipmakers in the past have built in systems and devoted protected areas on their central processors to isolate keys, passwords and digital certificates to make them tougher to access. No solution is unhackable, as illustrated by the hardware attacks of a couple of years ago — called Spectre and Meltdown — that targeted vulnerabilities in Intel's processors. 

By Dina Bass and Ian King