Recently, researchers demonstrated a hardware attack called Thunderspy, which is dangerously fast and cannot be detected by conventional security measures. The attack is known to easily bypass Intel’s Thunderbolt security features, allowing attackers to copy memory information from locked and encrypted PCs. The good news is that Microsoft explained today that Secured-core protects Windows PCs from attacks such as Thunderspy.
Secured-core is known to provide comprehensive protection by using defense-in-depth policies to protect Windows PCs, such as Windows Defender system protection, and virtualized security (VBS) to mitigate risks across multiple areas.
In addition, Secured-core incorporates hardware and firmware-grade DMA protection, which is enabled by default in the Windows operating system.
Unless you have an authorized login and the screen is unlocked, this feature prevents external devices from starting and executing The DMA with the help of a memory input/output management unit (IOMMU).
Secured-core PCs also enable dispaletals to protect code integrity (HVCI) by default, enable VBS with system managers, and isolate code integrity subsystems to verify the signature of all kernel code.
In addition to isolation checks, HVCI ensures that kernel code is neither writeable nor executable, ensuring that unverified code cannot be executed. Original equipment manufacturers must meet the stringent requirements listed by Microsoft in order to be certified accordingly.
Microsoft is understood to have released its Secured-core PC for the first time in 2019. It combines hardware, firmware, software, identity protection, and more to create the most secure Windows 10 devices available today, making it ideal for customers in government, finance, healthcare, and other industries.