Microsoft announced a new initiative called Secure-Core PCs that aims to address the threats targeted at the firmware and operating systems level.
As part of this new initiative, the tech giant is collaborating with PC manufacturing partners like Intel, AMD, and Qualcomm.
Secured-core PCs have to meet certain requirements
These secured devices meet a specific set of requirements to better protect the firmware layer and offer more security to the Windows operating system.
As such, they’re primarily intended for industries that work with highly-sensitive data, as Microsoft explains:
These devices are designed specifically for industries like financial services, government and healthcare, and for workers that handle highly-sensitive IP, customer or personal data, including PII as these are higher value targets for nation-state attackers.
As you already know, the hacking group Strontium targeted many systems last year, and again this year, by delivering malware through firmware attacks.
Why? Because through firmware you can get directly to the hardware, thus gaining higher privilege than the hypervisor and operating system kernel.
What is a Secured-core PC?
That’s the reason why Microsoft is betting big on Secured-core PCs:
Secured-core PCs combine identity, virtualization, operating system, hardware and firmware protection to add another layer of security underneath the operating system. Unlike software-only security solutions, Secured-core PCs are designed to prevent these kinds of attacks rather than simply detecting them.
With Secured-core PCs customers can boot securely, prevent and protect against firmware attacks, prevent unauthorised access, and credentials protection.
They can also be remotely monitored by SecOps and IT admins to make sure that the system health and the hardware are not susceptible to any immediate threats.
Along with Secure Boot, UEFI, and new hardware capabilities, Windows 10 will have a new Secured-core PC requirement called System Guard Secure Launch.
If you’re interested in better securing your data, you’ll be happy to know that manufacturers like Dell, Dynabook, HP, Lenovo, Panasonic and Surface, offer verified Secured-core PC.
For more info about Secure-core PCs and the full list of verified devices, check out Microsoft’s official page.