Microsoft Launches Secured-Core PC Initiative To Boost Firmware Security

The company is working with PC makers and chipmakers to bring out new Windows 10 devices that have greater firmware-level protections.


Microsoft is launching a new effort to better secure PCs against cyberattacks at the firmware level, the company said Monday.

The initiative is called Secured-core PCs and includes collaboration with both PC makers and chipmakers—with the ultimate aim of developing new devices that can better stop threats targeted at firmware and the operating system, Redmond, Wash.-based Microsoft said in a blog post.

[Related: Microsoft To Offer Windows 7 Extended Security Updates To SMBs]

Sponsored post

"These devices, created in partnership with our PC manufacturing and silicon partners, meet a specific set of device requirements that apply the security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system," Microsoft said. "These devices are designed specifically for industries like financial services, government and health care, and for workers that handle highly sensitive IP, customer or personal data."

Secured-core PCs bring together protection capabilities around identity, operating system, virtualization, firmware and hardware, the company said.

"Unlike software-only security solutions, Secured-core PCs are designed to prevent these kinds of attacks rather than simply detecting them," Microsoft said.

The new Windows 10 devices developed to meet the Secured-core PC requirements will provide assurances around both operating system and firmware integrity, the company said.

"These requirements enable customers to boot securely, protect the device from firmware vulnerabilities, shield the operating system from attacks, prevent unauthorized access to devices and data, and ensure that identity and domain credentials are protected,” Microsoft said.

Along with Microsoft's Surface devices, the company mentioned Dell, Toshiba Dynabook, HP, Lenovo and Panasonic as PC makers involved with the Secured-core PC initiative.

Meanwhile, new silicon advances from AMD, Intel and Qualcomm will allow Windows 10 to implement the System Guard Secure Launch capability “as a key Secured-core PC device requirement to protect the boot process from firmware attacks," Microsoft said.

"It's not surprising to see Microsoft leading in this area," said Ric Opal, principal at Oak Brook, Ill.-based SWC Technology Partners, a BDO USA company, in an email to CRN. "I expect this type of behavior given their global footprint and the level of investment as they continue to prioritize security for our mutual customers."

Getting to the root cause of security issues is crucial for Microsoft from a long-term point of view, Opal said. It's also smart for Microsoft to proactively deal with the perception of security issues being a "Microsoft problem” when, in fact, they may not be, he said.

"By driving the investment, awareness and standard, Microsoft continues to impress with their security leadership," Opal said. "Security is not a vendor problem, it is a problem we must jointly solve broadly in the world."