Over the last two years, leading semiconductor manufacturers have been addressing a range of hardware vulnerabilities, including Meltdown and Spectre, which presented a pathway – albeit a complex one – for unauthorized access to passwords and other confidential information stored within processors. While these companies released software updates to mitigate the issues, it also prompted a reevaluation of their overall approach to chip security.

Microsoft believes it has developed a solution with its newly introduced security chip, named Pluton. This chip, revealed today, is the result of a collaborative effort between Microsoft and chip developers Intel, AMD, and Qualcomm.

Pluton functions as a hardware root-of-trust, essentially safeguarding a device’s hardware against manipulation, such as the introduction of malicious hardware or exploitation of weaknesses in the device’s foundational firmware. By embedding the chip directly into future central processing units (CPUs) from Intel, AMD, and Qualcomm, the companies assert that it will significantly impede hackers with physical access from executing hardware-based attacks and stealing sensitive data.

“The Microsoft Pluton architecture will establish a more robust connection between the hardware and the Windows operating system at the CPU level, thereby minimizing potential attack vectors,” explained David Weston, Director of Enterprise and Operating System Security at Microsoft.

Microsoft initially deployed Pluton in the Xbox One console in 2013 to enhance its resistance to hacking and prevent the execution of unauthorized game copies. The chip was subsequently integrated into Microsoft’s Azure Sphere cloud service, designed to secure low-cost Internet of Things devices.

The current objective is to extend this same technology, with further refinements, to upcoming Windows 10 devices.

The chip provides immediate advantages, notably by making successful hardware attacks against Windows devices considerably more challenging. Furthermore, it addresses a significant security concern by ensuring the device’s firmware remains current.

The long-term effectiveness of the Pluton chip remains to be seen. Much of the discovery of chip vulnerabilities has been achieved through the diligent efforts of independent researchers. Microsoft’s Weston stated that the Pluton chip has been subjected to security testing by both internal teams and external security firms. However, this could prove problematic if vulnerabilities are overlooked. For example, just recently, security experts identified a critical and “unfixable” security flaw in Apple’s T2 security chip – a custom chip found in many modern Macs, similar in concept to Microsoft’s Pluton – which could expose Macs to the very threats the chip was intended to prevent.

Microsoft did not disclose whether it intends to license the Pluton chip designs to other chip manufacturers or release the designs as open-source for broader use, but indicated that further details will be shared in the future, keeping those options open.