Microsoft has been building firmware-level defenses into Windows 10 Secured-Core PCs for the enterprise, and now it’s bringing similar capabilities to its enterprise antivirus software, Microsoft Defender Advanced Threat Protection (ATP).
Secured-core PCs include a handful of Windows 10 PCs, including the Surface Pro X, HP Elite Dragonfly, Dell Latitude 7400, and fourth-generation Lenovo ThinkPad X1 Yoga.
One of the key hardware-level protections these offer is kernel Direct Memory Access (DMA) protection, which can mitigate hands-on attacks that exploit, for example, the Thunderbolt interface to steal data from memory.
Others include Trusted Platform Module (TPM), virtualization-based security, Windows Defender System guard, hypervisor-protected code integrity (HVCI), and tools to block unverified code execution.
This breed of PCs are aimed at organizations in the sights of state-backed hackers, such as the Russian group, Fancy Bear, and some recent strains of ransomware.
The new Unified Extensible Firmware Interface (UEFI) scanner in