The company partnered with both chip and device makers to apply “security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system”.
Secured-core PCs will be available from a wide variety of device makers including Dell, Dynabook, HP, Lenovo, Panasonic and Microsoft. While the full list of Secured-core PCs has not yet been released, two notable examples include HP's Elite Dragonfly and Microsoft's Surface Pro X.
- Microsoft warns on Windows 7 Pro end of life
- Firmware security has barely improved over last decade
- Qualcomm patches major chip security flaw
As malicious code on the firmware layer can be hard to detect and even more difficult to remove, firmware has emerged as a top target for cybercriminals. According to the National Vulnerability Database, the number of discovered firmware vulnerabilities are growing each year.
To be classified as a Secured-core PC, a device needs to be running Windows Defender's System Guard Secure Launch which is available on newer hardware from AMD, Intel and Qualcomm. System Guard uses firmware to start the hardware and then shortly after it reinitializes a system into a trusted state.
Secured-core PCs also required the Trusted Platform Module (TPM) 2.0 as it allows admins to measure the components used to verify that a device is booted securely. Windows also monitors and restricts the functionality of potentially dangerous firmware by using System Management Mode (SMM).
Microsoft's new initiative is not for everyone and is instead intended for industries such as financial services, government and healthcare. Secured-core PCs are also for those who handle highly sensitive intellectual property or personal data that is the target of state-sponsored hackers.
While experts have yet to test the added security of Secured-core PCs, these machines are designed to boot securely, protect users from firmware vulnerabilities and prevent unauthorized access to devices and the sensitive data and credentials they store.
- Secure your data on the go with the best secure drives of 2019
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.