Intel's 12th-gen Alder Lake processors will not include Microsoft's Pluton security

We can still hear the echoes of the launch fanfare from 2020

Microsoft's attempt to put its homegrown Pluton security processor architecture into third-party Windows 11 PCs is right now more work-in-progress than the slam dunk its publicity would have you believe.

Pluton is the software giant's move to define a level of security that should be baked into microprocessors that run its Windows OS. Pluton implementations are supposed to securely store and safeguard encryption keys, credentials, and other sensitive information, such as biometric data, within the processor package, making it difficult for miscreants to extract this info.

Microsoft announced Pluton in November 2020 in conjunction with Intel, Qualcomm, and AMD; the trio's chips were expected to implement Pluton as an embedded co-processor. Indeed, all three were publicly very excited about the whole affair. However, despite all that publicity and hype, reality isn't quite in alignment.

Intel isn't putting Pluton in its newest PC microprocessors, its 12th-generation Core family code-named Alder Lake, which started appearing in laptops this month.

"Intel's 12th Gen platforms do not support Pluton," an Intel spokesman told The Register this week.

Instead, the semiconductor manufacturer is offering its own suite of security defenses within Alder Lake, a technology dubbed Platform Trust Technology. This provides a Trusted Platform Module 2.0, which is a prerequisite for Windows 11 PCs, meaning the OS will run as normal.

Intel told us PTT has been tested in billions of devices already. That's because Intel has shipped chipsets with PTT for years as a way of bringing TPM-level capabilities to systems. Intel dominates the x86 PC market, where it has a 74 per cent market share, while AMD has 26 per cent.

PC makers

Lenovo this week announced new ThinkPads powered by Intel and AMD parts. A Lenovo spokesperson told The Register these Intel-based ThinkPads "will not support Microsoft Pluton at launch."

ThinkPads coming this year with AMD Ryzen 6000 processors will have Pluton inside, but it "will be disabled by default on 2022 Lenovo ThinkPad platforms," a Lenovo spokesperson previously told The Register. AMD included Pluton in its Ryzen 6000 family, introduced in January, and is providing the option for users to turn it on and off.

Lenovo also introduced the ThinkPad X13s Windows 11 laptop, which has Qualcomm's Arm-based Snapdragon 8cx Gen3 system-on-chip. This processor integrates Microsoft's Pluton TPM.

A Dell spokesperson declined comment to on whether it would include Pluton in its upcoming PCs, saying "the company is evaluating options." HP did not return requests for comment.

To be clear, Pluton isn't a requirement for running Windows 11. Pluton – which can can act as a TPM baked onto the processor die – is supposed to, for one thing, stop people from sniffing secrets transferred across a motherboard bus, and instead keep that data within the processor chip.

Pluton's origins can be traced back to a hardware security layer in the Xbox family. Microsoft's efforts to push its own CPU-level security architecture inside PCs raised concerns it was locking equipment exclusively to Windows 11. Chip makers have clarified that users will be able to install Linux and any other compatible OS on their PCs whether they have Pluton or not.

A Microsoft spokesperson told The Register Pluton was developed with processor makers with a long-term vision to improve security all the way down to the chipset level. As such, it will take time for Pluton to show up in silicon, we're told. Which is understandable given the timescales involved in developing and fabricating state-of-the-art microprocessors, though people may not have had that impression from Pluton's launch.

"As with any novel hardware technology, adoption is based on roadmap, supply chain, and unique customer needs so implementation takes time – similar to adoption of USB 4, TPM 2.0, etc," the Microsoft spokesperson said in an email.

Apple has also integrated its own security chip called T2 in Macs, while Google is using its Titan security silicon in its Pixel devices.

Microsoft is instead relying on the ecosystem and its partners to drive adoption. The intent of Pluton was to provide choice to customers, and it can be offered with or without a third-party TPM 2.0 chip, the Microsoft spokesperson said.

"As the threat landscape continues to evolve, this integration of hardware and software enables the ecosystem to update and dynamically add new security capabilities to hardware through Windows Update," the spokesperson said. ®

Other stories you might like

  • Azure issues not adequately fixed for months, complain bug hunters
    Redmond kicks off Patch Tuesday with a months-old flaw fix

    Updated Two security vendors – Orca Security and Tenable – have accused Microsoft of unnecessarily putting customers' data and cloud environments at risk by taking far too long to fix critical vulnerabilities in Azure.

    In a blog published today, Orca Security researcher Tzah Pahima claimed it took Microsoft several months to fully resolve a security flaw in Azure's Synapse Analytics that he discovered in January. 

    And in a separate blog published on Monday, Tenable CEO Amit Yoran called out Redmond for its lack of response to – and transparency around – two other vulnerabilities that could be exploited by anyone using Azure Synapse. 

    Continue reading
  • Intel demos multi-wavelength laser array integrated on silicon wafer
    Next stop – on-chip optical interconnects?

    Intel is claiming a significant advancement in its photonics research with an eight-wavelength laser array that is integrated on a silicon wafer, marking another step on the road to on-chip optical interconnects.

    This development from Intel Labs will enable the production of an optical source with the required performance for future high-volume applications, the chip giant claimed. These include co-packaged optics, where the optical components are combined in the same chip package as other components such as network switch silicon, and optical interconnects between processors.

    According to Intel Labs, its demonstration laser array was built using the company's "300-millimetre silicon photonics manufacturing process," which is already used to make optical transceivers, paving the way for high-volume manufacturing in future. The eight-wavelength array uses distributed feedback (DFB) laser diodes, which apparently refers to the use of a periodically structured element or diffraction grating inside the laser to generate a single frequency output.

    Continue reading
  • Microsoft continues cyber security spending spree with Miburo buy
    Brains to be added to the Customer Security and Trust in defense against 'foreign adversaries'

    Microsoft has opened its wallet once more to pick up New York-based cyber-threat analyst Miburo.

    Founded by Clint Watts in 2011, Miburo is all about the detection of and response to foreign (in the context of the US) information operations. The team is to be folded into Microsoft's Customer Security and Trust organization and the work of its analysts is to be fed into the Windows giants' threat detection and analysis capabilities.

    "Miburo," said Microsoft, "has become a leading expert in identification of foreign information operations." Its research teams have hunted out some nasty influence campaigns over 16 languages.

    Continue reading

Biting the hand that feeds IT © 1998–2022