What is Microsoft Pluto and why do we need it?


Microsoft unveiled Pluto, a security processor designed to withstand the toughest cyberattacks. The tech giant first introduced the security chip in November 2020 to protect future Windows PCs. Pluto stores sensitive information like passwords and encryption keys at the hardware level to better protect them.

Additionally, Microsoft announcement in January 2022 that AMD laptops with the Pluto chip would be released in 2022. The first batch of Windows 11 computers hosting the Microsoft Pluto security processor are coming in 2022, with AMD’s Ryzen 6000 series. Xbox consoles already have Pluto-like technology to protect sensitive data, and Microsoft is working on adding Pluto to more devices.

How does Microsoft Pluto work?

The approach by which a Pluto device stores sensitive data is entirely different from the existing processor architecture. Currently, the processor interacts with a separate Trusted Platform Module (TPM) that stores sensitive system data. Likewise, TPM improves security by preventing attackers from tampering with low-level firmware which could lead to the injection of malware into the PC.

The introduction of TPM has dramatically increased security on Windows PCs, but it has also allowed attackers to be more creative. Therefore, the attackers found a weakness in the operation of TPM: the CPU communicates with the external hardware chip. However, Pluto’s design supports this vulnerability.

Pluto eliminates the need for external communication between the CPU and a security chip. Instead, the security chip itself is a component built into the processor, where it can have constant contact. Therefore, it would be much more difficult for attackers to extract information from a PC containing Microsoft Pluto.

Microsoft’s Security Chip is essentially an evolved version of the CPU-integrated TPM. It also offers the same features as a TPM chip, including Windows Hello security and BitLocker encryption. Pluto follows other hardware-based security offerings, such as Apple’s T2 chip on Macs and Google’s Titan M chip on Pixel devices.

The future of Microsoft’s security processor

In a nutshell, Pluto has only one job: to protect sensitive information such as encryption key credentials and user information. It isolates this important information using SHACK (Secure Hardware Cryptography Key) technology.

It’s no doubt going to stick around for a while, and most newer AMD-based computers will carry it. Microsoft has also partnered with Intel and Qualcomm to integrate Pluto into their chips. Additionally, the security chip will receive regular firmware updates through Windows Update, just like any other PC component.

However, Microsoft isn’t the only company working on increasing the hardware-level security of its computers. Apple also embraced the trend in 2016 when it introduced its T1 chip, and later the T2 security chip which has also found its way into the new M1 Macs. Then there’s Google’s Titan M chip that boosts security on Pixel devices.

If you liked that neat explainer, we’ve got a whole section of short, no-nonsense explainers that break down complex technology into short bits.


About Author

Comments are closed.