Microsoft’s Pluton security processor tackles hardware, firmware vulnerabilities

While this year’s Consumer Electronics Show was impacted by COVID, it didn’t stop Lenovo from announcing the first Microsoft Pluton-powered Windows 11 PCs. First announced in 2020, the Pluton is a security processor that Microsoft developed in partnership with AMD and Qualcomm to provide what they called “chip to cloud” security. Pluton is designed to eliminate opportunities for attackers to reduce the attack surface within Windows PCs.

What is the Microsoft Pluton processor?

The Pluton processor first appeared in Microsoft’s Xbox console and Azure Sphere. Pluton combines the functions of the CPU and the Trusted Platform Module (TPM) in its silicon and performs tasks such as verifying the integrity of the OS. This places the root of trust on the same silicon as the processor, mitigating, for example, man-in-the-middle type attacks where the attacker can sniff the bus between CPU and TPM. It also means that additional access protections and limitations can be designed so that users and administrators may have different access rights and thus better protect from user-targeted attacks.

Why is Pluton needed?

The Spectre and Meltdown security issues showed us that an attacker can sit between the CPU processor and the operating system and potentially read the transmission of highly sensitive data. Mitigating Spectre and Meltdown came with a cost in performance. I’ve had to disable Spectre and Meltdown protections on certain machines where the impact on database performance what too high. We’ve known for years that we will need to upgrade hardware with better protected processors to mitigate processor-based attacks.

Mitigating hardware vulnerabilities often requires a firmware update, which can be a difficult and ignored process. Firmware updating needs a lot of overhead and management and can’t be easily automated. Until now, all the computers under my control have had to have their firmware updated either by me manually determining that the firmware needed updating, or by installing a vendor-provided software management tool to monitor for and deploy firmware updates. Except for my Surface devices, no other firmware update has been manageable through Windows Update, Windows Software Update Services, Configuration Manager or Intune.

Why should we worry about firmware patching? Because attackers care when they realize they can gain access to systems through firmware vulnerabilities. They know that we often don’t patch firmware. It’s only been recently that I’ve paid more attention to firmware patching. Earlier, I would install new hardware and the most recent firmware and never ever go back to patch the system.

On Microsoft’s consumer side, Xbox gamers have taken extreme measures to bypass licensing and other restrictions surrounding online games. This has pushed Microsoft to be more inventive in how they secure their software resources. Previously, NXP Semiconductors released security processors that integrated Microsoft’s Azure Sphere security architecture and Pluton Security Subsystem into the processor, ensuring that attackers can’t steal the information as it’s passed on from the boot process to the processor to the operating system.

When hardware is built now, attackers can look at the connection between the security processor and the bus for information. That spot is where most if not all the sensitive information regarding credentials is kept. Attackers will focus on the bus and design attacks and processes to glitch and sniff for secrets. Once the bus has been compromised, the trust process between the TPM and CPU has also been compromised and thus any secrets passing along that connection can now be accessed.

Like with the threat modeling of the Xbox platform, the attacker could be a person attacking from an external source as well as an attacker being an insider threat: Someone who has full access to the hardware and who is incentivized to load software and code that hasn’t been code-signed by Microsoft.

In the Xbox threat model, the user couldn’t be trusted. They would attack their own devices to gain rights for playing games. Users could even purchase kits to guide them through drilling into the closed unit on the motherboard to reflash firmware. Called the “Kamikaze hack,” it was a step up from earlier attacks that had users soldering chips to the motherboard.

Should you upgrade to Pluton-equipped devices?

Windows 11 hardware requirements dictate that most of us will need to purchase new hardware to deploy and run it. Upgrading to Pluton-enabled devices provided added protection against threats like Spectre and Meltdown. However, not everyone believes Pluton-equipped devices are necessary or the only option to guard against hardware and firmware attack vectors.

Detractors argue that for many companies the Pluton chipset may be nice to have, but not necessarily a need to have. Some think that this is a mechanism to lock the vendor chip into one particular operating system and make it unique to that platform. Users are interacting more with cloud services and use a variety of devices to do so. A secure windows desktop may not be as needed as it was a few years ago. Others argue that we need to pay more attention to protecting authentication and coming up with better ways to protect the authentication process but not necessarily worrying about the platform in use.

Security is always a balance, and with the Pluton chips you must determine if your security needs and threat modeling rise to the risks addressed by this hardware. Do you have an insider threat that could leverage device hardware or firmware as an attack vector?

In the future we will need to purchase hardware with a threat modeling viewpoint. Is there a determined attacker in our organization and thus the Pluton chip can help us protect our assets better? Should our resources go to other security solutions? As we move from traditional on-premises networks to cloud networks, maybe it’s time to take the lessons of security from the Xbox threat model.