Microsoft unveils its most secure laptop yet and it’s powered by AMD Ryzen
All-new Surface Laptop 4 is the second Secured-core PC in the Surface portfolio
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Microsofthas announced that its adding anotherbusiness laptopto its lineup of Secured-core PCs with the unveiling of the all-newSurface Laptop 4powered by AMD Ryzen Mobile Processors.
The software giant’sSecured-core PCinitiative first launched back in 2019 and so farDell, Dynabook, Getac,HP,Lenovo, Fujitsu,Acer, Asus,Panasonicand Microsoft have created ultra-secure laptops designed to protect users against firmware level threats.
At the heart of the new Surface Laptop 4, is the Trusted Platform Module 2.0 (TPM) and aAMDRyzen Mobile Processor with System Guard to boot securely while minimizing the impact of firmware vulnerabilities. The device’s TPM 2.0 chip does this by sandboxing firmware to protect critical subsystems and sensitive data.
On Secured-core PCs, Kernel Direct Memory Access Protection is also pre-enabled to help ensure that the system is protect against malicious and unintended Direct Memory Access (DMA) attacks such asThunderspy. Meanwhile the TPM 2.0 chip serves as the hardware root-of-trust for the Surface Laptop 4 and can protect sensitive assets likeBitLocker keyswhile also making the device ready for Zero Trust security.
Firmware attacks
According to Microsoft’s Security Signals report from March of this year, a vast majority of enterprise customers have experienced at least onefirmware attackduring the past two years. In ablog post, the Microsoft Security Team provided further insight as to why there has been an increase in firmware attacks recently, saying:
“Firmware, which lives below theoperating system, is emerging as a primary target because it is where sensitive information like credentials and encryption keys are stored in memory. Many devices in the market today don’t offer visibility into that layer to ensure that attackers haven’t compromised a device prior to the boot process or at runtime bellow the kernel. And attackers have noticed.”
To address the growing number of firmware attacks, Microsoft has introduced its own Unified Extensible Firmware Interface (UEFI) to enable a secure and maintainable interface to manage firmware. Microsoft UEFI facilitates full transparency for its customers and was built using theopen sourceproject called Project Mu.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The software giant also built its own tools for managing and updating UEFI including Surface Enterprise Management Mode (SEMM). This can be used as either a stand-alone tool or integrated with Microsoft Endpoint Configuration Manager to manage the UEFI settings on a user’s Surface without having to hold Power button + Volume UP to boot straight into the UEFI.
While a release date has not yet been set for the new Surface Laptop 4 powered by AMD Ryzen Mobile Processors, the device joins theSurface Pro Xas the second secured-core PC offering in the Surface portfolio.
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new malware utilizes a rare programming language to evade traditional detection methods
A new form of macOS malware is being used by devious North Korean hackers
Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time
