Even full disk encryption cannot protect you if your PC firmware is compromised, so Secured-core PCs will use the CPU to check if UEFI tells the truth about safe booting.
Since Windows 8 and Server 2012, Windows has used UEFI to check the signatures on the startup drivers, firmware drivers, and the operating system itself, to make sure the code has not been tampered with (for example, by a rootkit), and then to start any installed anti-malware software before any other code runs.
If you have a TPM, Windows can use it to store measurements of the boot items and pass them on to the anti-malware software, so that it knows those items have been checked. Windows 10 can also use Hyper-V to protect the Windows logon process against malware (Virtualization Based Security), although you have to enable it yourself on all but the latest Arm-based PCs.
But all of that assumes that you can trust UEFI and the other firmware on the PC. If the firmware itself has been compromised, it can hide from the anti-malware software, and even formatting the drive and reinstalling the operating system will not remove it from the PC. As Windows itself becomes harder to attack, attackers are turning to firmware attacks, including attacks on System Management Mode (SMM, an Intel CPU function for power management, thermal monitoring, and other hardware configuration).
Firmware consists of millions of lines of code, and it is not just that every OEM writes its own firmware: they may have different firmware versions for different PCs. That code runs with very high privilege, it is often difficult to update, and like any other software, it will contain bugs. More and more firmware vulnerabilities are being discovered and abused in attacks; the anti-theft functions built into firmware to locate a stolen PC, for example, have been abused to keep track of where the user was every day.
Instead of relying on OEMs’ ability to quickly resolve firmware bugs, Secured-core PCs completely change the way Windows starts up by no longer trusting the firmware – just the CPU, the TPM, and the Windows code.
Secured-core PCs apply the best security practices of isolation and minimal trust to the firmware layer that underlies Windows.
Image: Microsoft
“Given the increase in firmware attacks that we have seen in the last three years alone, the goal was to remove firmware as a trusted part of the boot process, so we prevent this kind of advanced firmware attack,” Dave Weston, director of OS security at Microsoft, told TechRepublic.
The first line of the Windows bootloader on Secured-core PCs puts the CPU into a new security state in which, instead of accepting the measurements made during Secure Boot (even though they are stored in the TPM), it goes back and re-validates those measurements. If they do not match, the PC will not start and goes into BitLocker recovery mode instead. If you manage the PC through Intune, it also sends a signal to the service that the device cannot be trusted and should not be allowed to connect to your network.
“These PCs use the latest silicon from AMD, Intel and Qualcomm with the Trusted Platform Module 2.0 and Dynamic Root of Trust (DRTM) built in. The root of trust is a set of functions in the trusted computing module that is always trusted by the operating system of a computer and embedded in the device,” Weston explains. “Creating a hardware-based root of trust means that we add hardware-level functionality to ensure that the device starts up securely and malware has not invaded the firmware.”
“The root of trust on a Secured-core PC is the CPU itself. When the Windows bootloader is executed, the System Guard Secure Launch calls DRTM instructions on the CPU to remove trust in firmware,” says Weston. “Measurements of the critical Windows startup items are performed throughout the process in the TPM. The measured items are a relatively small set from Microsoft and the CPU vendor, which limits the number of things we need to measure and takes steps such as tracking OEM/firmware vendor code out of the process.” That keeps Secure Launch from slowing down startup.
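The re-validation of boot measurements described above rests on how a TPM records them: each component is hashed and "extended" into a Platform Configuration Register, so the final register value depends on every component and on their order. The toy model below is an added example, not code from the article or from Microsoft; the PowerShell SHA-256 calls are standard .NET, but the component names and the policy function are constructed for illustration.

```powershell
# Added example (not Microsoft's code): a model of TPM measured boot.
# A real TPM computes PCR = H(PCR || H(component)) for each measured item
# (TPM2_PCR_Extend). Because hashing is one-way and order-dependent, a single
# tampered component (say, a rootkit in a boot driver) changes the final value,
# which is what the bootloader compares against a known-good value.

function Get-Sha256 {
    param([byte[]]$Bytes)
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try { return $sha.ComputeHash($Bytes) } finally { $sha.Dispose() }
}

function Invoke-PcrExtend {
    # Model of the TPM extend operation: new PCR = H(old PCR || H(measured data))
    param([byte[]]$Pcr, [byte[]]$Component)
    $digest = Get-Sha256 -Bytes $Component
    return Get-Sha256 -Bytes ([byte[]]($Pcr + $digest))
}

function Measure-BootChain {
    # Replays a boot sequence through the PCR and returns the final value as hex
    param([string[]]$Components)
    $pcr = New-Object byte[] 32          # PCRs start as all zeros at reset
    foreach ($c in $Components) {
        $bytes = [System.Text.Encoding]::UTF8.GetBytes($c)
        $pcr = Invoke-PcrExtend -Pcr $pcr -Component $bytes
    }
    return ($pcr | ForEach-Object { $_.ToString('x2') }) -join ''
}

function Test-BootMeasurement {
    # Fail-closed policy: the measured value must equal the stored known-good value
    param([string]$Expected, [string]$Actual)
    if ($Expected -eq $Actual) { return 'measurements match: boot allowed' }
    return 'mismatch: refuse boot, enter BitLocker recovery, report device as untrusted'
}

# Constructed sample boot chain, standing in for the items measured at the factory
$goodChain = @('uefi-bootmgr', 'winload.efi', 'anti-malware-driver', 'ntoskrnl.exe')
$expected  = Measure-BootChain -Components $goodChain

# The same chain with one component altered, standing in for a firmware-level rootkit
$tamperedChain = @('uefi-bootmgr', 'winload.efi+implant', 'anti-malware-driver', 'ntoskrnl.exe')
$actual        = Measure-BootChain -Components $tamperedChain

Test-BootMeasurement -Expected $expected -Actual $expected   # boot allowed
Test-BootMeasurement -Expected $expected -Actual $actual     # mismatch
```

Swapping the order of two untouched components also produces a different final value, which is why the measurement log, not just the individual hashes, has to match the known-good state.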
Windows cannot use the Dynamic Root of Trust or Secure Launch to protect against vulnerabilities in System Management Mode in the same way, because SMM loads too early. But it is important to protect it, because it has even more rights over the system than the hypervisor. To resolve this, Microsoft partnered with silicon vendors to work out what SMM should be allowed to do and reworked how Windows handles memory so that important memory pages are locked and cannot be changed. SMM can still turn on the power light on your laptop, but it can no longer change the memory used by the hypervisor. An attacker can still compromise SMM, but that no longer lets them compromise the rest of the system.
Secured-core PCs also enable all the optional Windows 10 security features, such as Hypervisor-protected Code Integrity, which allows only signed drivers to run and prevents many Return-Oriented Programming attacks, such as WannaCry.
When a Secured-core PC is locked, you cannot use a new DMA device connected via Thunderbolt until you unlock the device with a PIN or biometrics. This stops an attacker who gains physical access to your machine from simply connecting a malicious device disguised as a cable (which you can create with parts sold on eBay and code available on GitHub).
If you manage PCs with Intune, administrators can require Secured-core PCs for access to highly confidential documents. Intune can also look at the measurements taken while you use the PC to show its health. This means that if it is compromised and an attacker, for example, disables the antivirus software to avoid detection, that shows up as a suspicious change, and conditional access policies can block the PC.
Weston compares this with tamper-evident seals on medicine packaging: “We have gone from a world where I can open one PC and laterally go through your entire network, to a world where the cloud will reject you if the CPU doesn’t believe the machine.”
Patching older PCs
There are options that PC makers can take without going as far as Secured-core, such as using Windows Update to deliver firmware updates automatically, so that any patches are applied as quickly as possible. UEFI still handles the actual installation of the updates, but this means you do not have to rely on users going to the OEM website to look for firmware updates (or on administrators testing and pushing them out), so you are more likely to be on the latest, safest version of the firmware.
Surface devices already do this, and Microsoft has open-sourced the basis of the Surface UEFI firmware as Project Mu in an effort to give OEMs a head start on their own secure firmware. If your PC doesn’t, Weston suggests that “end users can reduce their risk by ensuring that UEFI Secure Boot is enabled in BIOS settings and by regularly checking their device OEM website for updated firmware and drivers.”
You can also enable Secure Launch on existing PCs with Windows 10 Pro version 1809 or higher, as long as they have Intel Coffee Lake / Qualcomm Snapdragon 850 or later CPUs and TPM 2.0. It is not enabled by default: you can enable it in Settings / Update & Security / Windows Security / Open Windows Security / Device security / Core isolation / Firmware protection.
Secure Launch can be enabled on PCs with Intel Coffee Lake / Qualcomm Snapdragon 850 or higher CPUs and TPM 2.0, but is not enabled by default.
Image: Microsoft
This uses the TPM as a Dynamic Root of Trust for the same measurements, provides the same page protection and system management mode supervision and lets you use Intune or SCCM to check for tampering in the same way. If you have the right hardware to enable it, you should definitely do that.
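Before turning Secure Launch on, and afterwards to confirm it is actually running, an administrator can query the same status that Windows Security and Intune read. The script below is an added example, not from the article or from Microsoft. It uses the documented `Win32_DeviceGuard` WMI class, the `Get-Tpm` and `Confirm-SecureBootUEFI` cmdlets and the `SystemGuard` registry value that the Firmware protection toggle sets; the function name and the shape of the output object are my own choices. Run it from an elevated PowerShell session on Windows 10.

```powershell
# Added example (not Microsoft's code): report the prerequisites and running
# state of the features the article describes, on an existing Windows 10 PC.
function Get-SecuredCoreStatus {
    # Win32_DeviceGuard reports which virtualization-based security services are
    # configured and actually running. Documented service codes:
    #   1 = Credential Guard, 2 = HVCI, 3 = System Guard Secure Launch,
    #   4 = SMM firmware measurement.
    # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' -ClassName Win32_DeviceGuard
    $configured = @($dg.SecurityServicesConfigured)
    $running    = @($dg.SecurityServicesRunning)

    # TPM presence and readiness (TrustedPlatformModule module, built into Windows 10)
    $tpm = Get-Tpm

    # UEFI Secure Boot state; the cmdlet throws on legacy-BIOS systems, so treat that as off
    try { $secureBoot = [bool](Confirm-SecureBootUEFI) } catch { $secureBoot = $false }

    # The Firmware protection toggle in Windows Security writes this registry value
    $sgKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\DeviceGuard\Scenarios\SystemGuard'
    $sgValue = Get-ItemProperty -Path $sgKey -Name Enabled -ErrorAction SilentlyContinue
    $sgEnabled = ($null -ne $sgValue) -and ($sgValue.Enabled -eq 1)

    [pscustomobject]@{
        TpmPresent              = $tpm.TpmPresent
        TpmReady                = $tpm.TpmReady
        SecureBootEnabled       = $secureBoot
        VbsRunning              = ($dg.VirtualizationBasedSecurityStatus -eq 2)
        HvciConfigured          = ($configured -contains 2)
        HvciRunning             = ($running -contains 2)
        SecureLaunchConfigured  = $sgEnabled -or ($configured -contains 3)
        SecureLaunchRunning     = ($running -contains 3)
        SmmMeasurementRunning   = ($running -contains 4)
    }
}

$status = Get-SecuredCoreStatus
$status | Format-List

# Fail loudly in a compliance script if the pieces that make the measurements
# trustworthy are missing: no TPM, Secure Boot off, or Secure Launch configured
# but not actually running (a reboot is still pending, or the CPU lacks DRTM support).
if (-not $status.TpmPresent -or -not $status.SecureBootEnabled) {
    Write-Warning 'TPM or UEFI Secure Boot missing: boot measurements cannot be trusted.'
}
if ($status.SecureLaunchConfigured -and -not $status.SecureLaunchRunning) {
    Write-Warning 'Secure Launch is configured but not running: reboot, or check CPU/firmware support.'
}
```

A value of `SecureLaunchConfigured = True` with `SecureLaunchRunning = False` is the case to watch for: the toggle is set, but the CPU, firmware or a driver is preventing DRTM from engaging, so the device is not getting the protection the setting implies.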
The reason Microsoft and the OEMs have worked together to create Secured-core PCs is that it is important for regulated companies to have security enabled at the factory, on the TPM, before the PC is delivered, and before it could ever have been compromised. “These PCs are specifically designed for highly targeted industries that process super-sensitive data and require additional, built-in security layers,” Weston noted.
Moreover, these features rely on specific CPU functions that older PCs simply do not have, so you may not have any systems that support Secure Launch. If you want to use virtualization-based security (which sets up several small, fast, invisible VMs on the PC for functions such as Credential Guard), you need to check whether it works on your PCs and then make sure it doesn’t break drivers or hurt performance too much. Now you can simply buy a PC that you know will work.
One of the most useful things about Secured-core PCs is that it is difficult for many companies to select a PC with the right features to enable all the Windows security options, because the list of devices approved for purchase in a large organization is often outdated. You need TPM 2.0 to make BitLocker and Windows Hello as safe as possible and to store other encryption keys. Simply having such a label will make it easier to choose a PC that can take advantage of the security features that are already in Windows.