Microsoft Unveils New 'Secured-core' PC Protection

John Lister's picture

Microsoft is working with PC makers to tackle malware that strikes before Windows is loaded into memory. It's adapting a technology currently used for the Xbox games console.

The "Secured-core" initiative is designed to overcome a big limitation with most Windows security tools: they only work once Windows is already running. That doesn't tackle malware that targets the computer's firmware.

This is software, usually called BIOS or UEFI, than runs immediately when a PC is switched on. Its main role is to check all the hardware is in place and connected, then load up the operating system such as Windows. Normally it runs so quickly that the user will barely notice it before the Windows load screen appears.

Security Checks Kept Secret

The problem is that firmware has access to the hard drive, so if its compromised by malware, it can be extremely difficult to remove. A common example is ransomware, which (truthfully or otherwise) tells the user their hard drive files are encrypted and demands a payment to restore access.

Secured-core is a set of requirements that PC makers can adopt in order to use the branding and appeal to buyers. It covers a set of protections that kick in before Windows loads. The technology and processes it uses are extremely complicated but one of the key principle is that the computer's processors will be set to carry out a series of security checks during the boot up.

The instructions for these checks will be encrypted and the key for decrypting it will only be provided to approved manufacturers. That reduces the likelihood of malware being able to fool or bypass the checks.

Games Console An Inspiration

Perhaps surprisingly, the technology is based on protections used on the Xbox games console. In that case the console is heavily protected, not against external hackers but the console owner themselves. The idea there is to reduce the likelihood of the owner being able to hack the console to run unlicensed (pirated) games. (Source: zdnet.com)

Several major manufacturers have already been granted Secured-core status. At the moment, relevant PCs are mainly aimed at businesses and people who have particularly strong security needs, but it may roll out to the wider consumer market later on.

Unlike some previous similar technologies such as Secure Boot in Windows 8, owners of Secured-core PCs could still install non-Windows systems such as those based on Linux. (Source: techradar.com)

What's Your Opinion?

Have you given any thought to security threats that kick in before Windows loads? Would Secured-core status influence your PC buying choice? Would you be prepared to pay extra for such a PC?

Rate this article: 
Average: 4.4 (7 votes)

Comments

LouieLouEye's picture

This has me wondering what it will take to be an approved manufacturer. Will home builders and boutique sellers be excluded?

1jimlang_6864's picture

I think this is a great idea and to answer LouieLouEye question.
I think this would be incorporated into the motherboard of approved manufacturers.
So wouldn't affect home builders and boutique sellers. In fact that added security, could be a good selling point for boutique sellers and home builders alike.
The only question is will that security be outside of bios updates?
To prevent hackers install get rounds that make present windows/linux/mac AV and malware tools invalid.

buzzallnight's picture

before malware!
Remember the Commodore 64?

The BIOS if there was one
and the BASIC operating system was in ROM!!!!!!!!!!!!!!!!!!!!!

No changes were possible.

Any updates had to be done by replacing the ROMs

Of course this would not work for M$ products
because even after 1000s of updates their software is still trash!!!!!!!!!!

But maybe some company could get American programmers to write their software?
and then put in ROMs
and hacking would become a thing of the past.

roxy.craig42_4505's picture

What has taken them so long?????? There are way more PC's out there than Xbox game consoles and I doubt there are many Xboxes in business environments!