With the Surface Laptop 4, Microsoft has expanded the number of certified configurations that can claim to host its Secured Core platform.
There is a growing consensus that despite its aging industrial design, the Surface Laptop 4 is the most refined computing experience the company has put forth to date. In addition to GPU and battery improvements, Microsoft has also refined the Surface Laptop 4’s security platform to support AMD Ryzen processors.
At the heart of the Surface Laptop 4, the device leverages the Trusted Platform Module 2.0 (TPM) and the AMD Ryzen™ Mobile Processors with System Guard to boot securely and minimize the impact of firmware vulnerabilities by sandboxing firmware to protect critical subsystems and sensitive data. Kernel Direct Memory Access Protection is pre-enabled on these devices, helping to ensure that the system is protected against malicious and unintended Direct Memory Access (DMA) attacks for all DMA-capable devices, such as PCI devices, thwarting the entire class of drive-by DMA attacks like Thunderspy.
The TPM 2.0 serves as the hardware root-of-trust for the Surface Laptop 4. With hardware protections for sensitive assets like BitLocker keys and security measurements for the state of the system, the TPM 2.0 helps make the Surface Laptop 4 ready for Zero Trust security.
We reported on Microsoft’s Secured Core platform a while back, for those unfamiliar with the company’s kernel-level security protection.
As a quick refresher, Microsoft’s Secured Core PCs make use of hardware rooted security to launch systems into a ‘trusted state’ to mitigate the number of potential firmware vulnerable exploits while also protecting user identities through an isolated VBS environment.
Company’s such as Acer, Asus, Dell, Dynabook, HP, and Lenovo have partnered with Microsoft to deliver hardware and firmware securities to businesses through its Secured Core platform, and now the company is adding AMD’s Ryzen Mobile Processors to the mix via the Surface Laptop 4.
While the public didn’t recieve a shiny new hardware change with the Surface Laptop 4, it does seem the numerous incremental upgrades its recieved, including additional variants that support Secure Core certification, are adding up to a pretty impressive 2021 computing release for Microsoft.