deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 19:03:46 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

changes based on feedback

Browse Source
This commit is contained in:
Vinay Pamnani
2022-09-19 17:07:42 -04:00
parent 6470c1231e
commit b9776c6209
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/information-protection/pluton/microsoft-pluton-security-processor.md
View File

@ -43,7 +43,7 @@ Pluton Security subsystem consists of the following layers:
## Firmware load flow
When the system boots, Pluton hardware initialization is performed by loading the Pluton firmware from the Serial Peripheral Interface (SPI) flash storage available on the motherboard. During Windows startup however, the latest version of the Pluton firmware is loaded in the operating system. If newer firmware is not available, Windows loads the firmware that was loaded during the hardware initialization. The diagram below illustrates this process:
When the system boots, Pluton hardware initialization is performed by loading the Pluton firmware from the Serial Peripheral Interface (SPI) flash storage available on the motherboard. During Windows startup however, the latest version of the Pluton firmware is used by the operating system. If newer firmware is not available, Windows uses the firmware that was loaded during the hardware initialization. The diagram below illustrates this process:
![Diagram showing the Microsoft Pluton Firmware load flow](../images/pluton/pluton-firmware-load.png)

4
windows/security/information-protection/pluton/pluton-as-tpm.md
View File

@ -27,9 +27,9 @@ To learn more about the TPM related scenarios that benefit from Pluton, see [TPM
## Microsoft Pluton as a security processor alongside discrete TPM
Microsoft Pluton can be used as a TPM, or in conjunction with a TPM. Although Pluton builds security directly into the CPU, OEMs may choose to use discrete TPM for multiple reasons, most common being the requirement for TPM to pass industry certification criteria like [Common Criteria TPM Protection Profile](https://www.commoncriteriaportal.org/files/ppfiles/anssi-cc-pp-2020_01_pp.pdf). OEMs can configure devices to use a discrete TPM 2.0 while having Pluton available to the system as a security processor for use cases beyond the TPM.
Microsoft Pluton can be used as a TPM, or in conjunction with a TPM. Although Pluton builds security directly into the CPU, device manufacturers may choose to use discrete TPM as the default TPM, while having Pluton available to the system as a security processor for use cases beyond the TPM.
Pluton is integrated within the SoC subsystem, and provides a flexible, updateable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft. We encourage users owning devices that are Pluton capable, to enable Microsoft Pluton as the default TPM.
Pluton is integrated within the SoC subsystem, and provides a flexible, updatable platform for running firmware that implements end-to-end security functionality authored, maintained, and updated by Microsoft. We encourage users owning devices that are Pluton capable, to enable Microsoft Pluton as the default TPM.
## Enable Microsoft Pluton as TPM