As more protections are built into operating systems and connected services, attackers are increasingly turning to firmware as a way in. According to NIST's National Vulnerability Database, firmware vulnerabilities have increased five-fold in the last three years. To counter this, Microsoft has announced a new initiative: Secured-core PCs.
These are devices built in partnership with PC and silicon manufacturers to "meet a specific set of device requirements that apply the security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system."
The devices are aimed at organizations that handle highly sensitive data, such as financial services firms and government agencies. Microsoft's David Weston said:
Secured-core PCs combine identity, virtualization, operating system, hardware, and firmware protection to add another layer of security underneath the operating system. Unlike software-only security solutions, Secured-core PCs are designed to prevent these kinds of attacks rather than simply detecting them.
The key enabling feature is DRTM (Dynamic Root of Trust for Measurement), available in recent AMD, Intel, and Qualcomm hardware. Instead of trusting everything the firmware ran since power-on, DRTM lets the processor re-establish a measured, trusted launch point after the firmware has finished, so that a compromised firmware does not automatically control what the OS boots into. System Guard Secure Launch uses this DRTM capability to protect the boot process against firmware attacks. Virtualization-based Security (VBS), Hypervisor-protected Code Integrity (HVCI), and the Trusted Platform Module (TPM) 2.0 are among the other technologies that add protection to the OS.
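As an added example (this is not code from the original article or from Microsoft), the following PowerShell checks, on a Windows machine, whether the building blocks named above are actually active: VBS, HVCI, System Guard Secure Launch, and a TPM 2.0. It reads the Win32_DeviceGuard and Win32_Tpm CIM classes and the System Guard policy registry key. The meaning of the SecurityServicesRunning codes and the registry path are taken from Microsoft's published documentation as I recall it; treat them as assumptions and confirm against current docs before relying on the result.

```powershell
# Added example, not code from the article or from Microsoft.
# Run from an elevated PowerShell prompt on Windows 10 1809+ / Windows 11.

function Get-SecuredCoreStatus {
    [CmdletBinding()]
    param()

    # Win32_DeviceGuard exposes VBS / HVCI / Secure Launch state as seen by the running OS.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard' -ErrorAction Stop

    # SecurityServicesRunning / SecurityServicesConfigured are arrays of codes.
    # Assumed (documented) meanings: 1 = Credential Guard, 2 = HVCI,
    # 3 = System Guard Secure Launch, 4 = SMM Firmware Measurement.
    $running    = @($dg.SecurityServicesRunning)
    $configured = @($dg.SecurityServicesConfigured)

    # Win32_Tpm.SpecVersion looks like "2.0, 0, 1.38"; the first field is the spec level.
    $tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                           -ClassName 'Win32_Tpm' -ErrorAction SilentlyContinue
    $tpmSpec = if ($tpm) { ($tpm.SpecVersion -split ',')[0].Trim() } else { $null }

    # Assumed policy location for Secure Launch; reading it lets us distinguish
    # "configured but not running" (e.g. unsupported hardware) from "never enabled".
    $sgKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\SystemGuard'
    $sgPolicy = (Get-ItemProperty -Path $sgKey -Name 'Enabled' -ErrorAction SilentlyContinue).Enabled

    [pscustomobject]@{
        VbsRunning             = ($dg.VirtualizationBasedSecurityStatus -eq 2)  # 2 = running
        HvciRunning            = ($running -contains 2)
        SecureLaunchRunning    = ($running -contains 3)
        SecureLaunchConfigured = ($configured -contains 3) -or ($sgPolicy -eq 1)
        SmmMeasurementRunning  = ($running -contains 4)
        Tpm2Present            = ($tpmSpec -eq '2.0')
    }
}

$status = Get-SecuredCoreStatus
$status | Format-List

# Report which of the Secured-core baseline features is not active.
$required = 'VbsRunning', 'HvciRunning', 'SecureLaunchRunning', 'Tpm2Present'
$missing  = $status.PSObject.Properties |
    Where-Object { $_.Name -in $required -and -not $_.Value } |
    Select-Object -ExpandProperty Name

if ($missing) {
    Write-Warning ('Not active: ' + ($missing -join ', '))
} else {
    Write-Host 'VBS, HVCI, Secure Launch and TPM 2.0 all reported active.'
}
```

This is a configuration check reported by the running OS, not proof of a clean boot: if you need to demonstrate the boot state to a remote party, use TPM-backed attestation (for example, System Guard runtime attestation as surfaced by Microsoft Defender for Endpoint) rather than a local WMI query.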
Secured-core PCs are available from Dell, Dynabook, HP, Lenovo, Panasonic, and Surface; the list of qualifying devices can be checked here.