Vole teamed up with chip and computer makers to apply "security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system".
Secured-core PCs will be available from Dell, Dynabook, HP, Lenovo, Panasonic, and Surface. Microsoft hasn't released a full list of Secured-core PCs, but two examples include HP's Elite Dragonfly and Microsoft's Surface Pro X.
Firmware is used to initialise the hardware and other software on the device. The firmware layer runs underneath the OS, where it has more access and privilege than the hypervisor and kernel. As a result, firmware is emerging as a top target for attackers since the malicious code can be hard to detect and difficult to remove, persisting even with an OS reinstall or a hard drive replacement.
Vole points to the National Vulnerability Database, which shows the number of discovered firmware vulnerabilities growing each year. As such, Secured-core PCs are designed for industries like financial services, government, and healthcare. They are meant for workers who handle highly sensitive IP, customer, or personal data that poses higher-value targets for nationstate attackers.