Lenovo unveiled today at CES 2022 the first Microsoft Pluton-powered Windows 11 PCs, the ThinkPad Z13 and Z16, with AMD Ryzen 6000 Series processors.
“The Microsoft Pluton is a security processor, pioneered in Xbox and Azure Sphere, designed to store sensitive data, like encryption keys, securely within the Pluton hardware, which is integrated into the die of a device’s CPU and is therefore more difficult for attackers to access, even if they have physical possession of a device,” explained David Weston, Director of Enterprise and OS Security at Microsoft.
“This design helps ensure that emerging attack techniques cannot access key material,” he added.
You can find more about Lenovo’s Pluton-powered ThinkPad Z13 and Z16 that come preloaded with Windows 11 by going here.
AMD also provides further details on their new Ryzen 6000 Series processors in this press release.
The Microsoft Pluton security processor
In November 2020, Microsoft announced it would integrate its Pluton security processor into Intel, AMD, and Qualcomm CPUs as an on-die chip to reduce the available attack surface on Windows PCs.
First introduced with the XBOX One and Azure Sphere, Pluton emulates a Trusted Platform Module (TPM) to protect the boot process, encryption keys, and credentials directly on the CPU with the end goal of blocking threat actors from gaining access to such sensitive data.
The on-die security processor also has built-in checks for firmware integrity to prevent malware from making malicious modifications.
If altered firmware is detected, the processor will securely patch it via Windows Update using up-to-date software directly from Microsoft.
“When Pluton is configured as the TPM 2.0 for a Windows 11 system, Pluton helps protect Windows Hello credentials by keeping them further isolated from attackers,” Weston said.
“Device encryption can use Pluton when it is configured as the TPM to securely protect encryption keys from physical attacks and help keep data safe from prying eyes.”
According to Weston, this is only “the start of the Pluton journey with the Windows ecosystem.”
He also added that customers should “look for updates from Microsoft and our partners in the future around expanded hardware availability of Pluton.”