Enhanced Security with Pluton and a Throwback to VDI - Yoshikazu Akutsu's Windows Weekly Report

ThinkPad X13s with Snapdragon 8cx Gen 3

As the JPCERT Coordination Center (JPCERT/CC) sounds a warning, infections with the malware "Emotet" are spreading again. For an overview and risks, please refer to the JPCERT/CC website, but PCs have always been exposed to cyberattacks in the past. [Image] Microsoft Pluton, a security subsystem that makes up Azure Sphere.In the 1980s, when I first touched a PC, several computer viruses appeared. Ransomware that encrypts the system and demands a ransom is rampant. It's no surprise that Windows 11 tightens system requirements to take security measures. At MWC 2022, which was held until the other day, Microsoft and Lenovo announced devices that utilize Microsoft Pluton technology. ThinkPad X13s with Snapdragon 8cx Gen 3, created by collaboration between Microsoft and Qualcomm. In its official blog at the end of February 2022, Microsoft emphasized that it was the ``Windows' first ARM platform built on the Microsoft Pluton security architecture,'' and that it was a solution that strongly protected end-user security. The installed processor was AMD Ryzen 6000 announced on another official blog in January 2022. Microsoft Pluton is a security subsystem that makes up Azure Sphere. Unlike a TPM (Trusted Platform Module) that secures security with a separate chip from the CPU, it provides security functions directly to the CPU and emulates the TPM to neutralize cyberattacks. Since around 2020, Microsoft has been working to spread Microsoft Pluton to hardware partners, and along with this announcement, major manufacturers other than Intel have partially started providing Microsoft Pluton-supported CPUs. As an end user, the focus will be on specifically "what can be prevented?" According to Microsoft's explanation, zero-day exploits (zero-day vulnerabilities), which are cyber attacks that exploit unannounced bugs, are deterred by HSP (Hardware Stack Protection) and PAC that prevents return address tampering. The effort itself to suppress malicious attacks with technology is wonderful. However, attack and defense are a cat-and-mouse game. In recent years, B2B companies have seen cyberattacks become an ecosystem (attack tools are distributed in the underground market, and even users without technical knowledge can become cyberattackers), so it is necessary to strengthen organizational security. is strongly recommended. The first thing I felt when I saw this announcement was, "Isn't VDI (virtual desktop infrastructure) enough?" Leaving aside corporations and organizations, I have come to think that Windows 365 is not a bad option, although there are still doubts as to whether it is cost-effective for consumers to use. Author: Yoshikazu Akutsu An IT writer born in 1972. After working as an editorial staff for various PC magazines such as general PC magazines, DOS/V magazines, and Windows magazines, became independent. While loving Windows and Linux, he has written many PC-related books. In recent years, not only BtoC but also BtoB solutions coverage and interviews are the main battlefield. I have been taking it every day without setting a liver-free day, but the γ-GTP level has increased sharply, and urgent action is required.

Yoshikazu Akutsu