Windows 10 security: Microsoft reveals ‘Secured-core’ to block firmware attacks>
ZD Net – Liam Tung
The new layer of security is for high-end PCs and the first Windows 10 ‘Secured-core’ PC is the Arm-powered Surface Pro X. At its heart, the new firmware protection comes from a Windows Defender feature called System Guard. That feature is intended to protect Windows 10 PCs from new attacks used by the likes of state-sponsored hacking group APT28 or Fancy Bear, which was caught late last year using a novel Unified Extensible Firmware Interface (UEFI) rootkit to target Windows PCs. Â

“It’s pretty similar to what other manufacturers might be doing with a specific security chip, but we are doing this across all different manners of CPU architectures and OEMs, so we can bring this to a much broader audience, and they can select the form factor or product that matches them but with the same security guarantees as if Microsoft created it.” Microsoft already has Secure Boot. However, that feature assumes the firmware is trusted to verify bootloaders, meaning attackers can exploit trusted firmware. APT28’s rootkit was not properly signed, which meant Windows PCs with Windows Secure Boot enabled were not vulnerable because the system only permits signed firmware to load.
Link: https://www.zdnet.com/article/windows-10-security-microsoft-reveals-secured-core-to-block-firmware-attacks/