AMD enhances security with Microsoft's Pluton processor

Lenovo's ThinkPad Z13 and Z16 will be amongst the first laptops using AMD's Ryzen 6000 Series CPUs

AMD has launched its new Ryzen 6000 Series laptop processors - the first to include Microsoft's new Pluton security processor for PCs.

The chip maker used its time at CES in Las Vegas to announce that Lenovo's ThinkPad Z13 and Z16 will be amongst the first laptops using the new processors.

"Our co-development work with Microsoft eliminates entire attack vectors on notebooks, better protecting critical data like system credentials, user identities, encryption keys and personal information," said AMD CEO Lisa Su.

"The Pluton processor, combined with our other security features, delivers the most innovative security in a PC processor."

Lenovo said that its Z13 and Z16 laptops will be available this summer, starting at $1,549 and $2,099, respectively.

Microsoft unveiled the Pluton processor, which is designed to thwart new and emerging attack vectors, in November 2020.

The company has already started using the processor to secure Xbox Ones and Azure Sphere microcontrollers, specifically against physical access attacks: where people with access to the device open it up and bypass security protections.

Such hacks are usually carried out by device owners who want to run unauthorised games or programmes for cheating (like the old Playstation 1 modchips to play copied games).

Pluton is essentially an evolution of the Trusted Platform Module (TPM), an international standard for a secure cryptoprocessor: a dedicated microcontroller designed to secure hardware through integrated cryptographic keys.

The Pluton security processor is integrated directly into a CPU die, where it stores cryptographic keys and other confidential data in a walled garden fully isolated from other system components.

The data stored in Pluton can't be removed, even when an attacker has full physical possession of the PC.

Pluton's Secure Hardware Cryptography Key (SHACK) technology also ensures that keys are never exposed outside of the protected hardware, even to the Pluton firmware itself.

'Our vision for the future of Windows PCs is security at the very core, built into the CPU, where hardware and software are tightly integrated in a unified approach designed to eliminate entire vectors of attack,' Microsoft said in November while announcing the Pluton.

'This revolutionary security processor design will make it significantly more difficult for attackers to hide beneath the operating system, and improve our ability to guard against physical attacks, prevent the theft of credential and encryption keys, and provide the ability to recover from software bugs.'

David Weston, Microsoft's Director of Enterprise and OS Security, said the Pluton processor's firmware will be updateable through Windows Update, along with standard industry controls.

"This tightly integrated hardware and software helps protect against security vulnerabilities by adding additional visibility and control, and provides a platform for innovation that allows customers to benefit from new features in future releases of Windows that leverage the Pluton hardware and, with this design, are adaptable to changes in the threat landscape," he added.

According to Microsoft, other chip companies and hardware makers are also working to integrate Pluton into upcoming products.

Intel and Qualcomm were part of the original Pluton announcement last year, along with AMD.