In-depth dive into security features of Intel/Windows platform secure boot process

Click for: original source

This blog post is an in-depth dive into the security features of the Intel/Windows platform boot process. In this post I’ll explain the startup process through security focused lenses, next post we’ll dive into several known attacks and how they were handled by Intel and Microsoft. By Igor Bogdanov.

The article explains why Microsoft’s SecureCore is so important and necessary:

  • Introduction and System Architecture
  • Overview
  • Early power on
  • Bring-Up (BUP)
  • CPU initialization
  • UEFI initialization
  • Windows Boot
  • Other OSs
  • More protections

The Intel platform is based on one or two chips. Small systems have one, the desktop and server ones are separated to a CPU complex and a PCH complex (PCH = Platform Controller Hub).

Intel platform


This is an excellent article with plenty of links to other resources and schemas explaining the main concepts. Well done!

[Read More]

Tags infosec cio cloud miscellaneous learning performance