Microsoft’s custom security work could mean faster or slower security updates, depending on how they’re handled.
What you need to know
- Microsoft developed a custom UEFI for Surface Duo’s firmware.
- The company says this will allow it to review every line of firmware code.
- This should allow Microsoft to “respond directly and agilely, to potential firmware threats,” the company says.
After launching the Surface Duo last week, Microsoft published documentation on its approach to security in hte new device. A lot of the security features Microsoft outlines are standard for any Android phone. However, there are a couple of custom bits that stand out.
The most notable addition is Microsoft’s “custom engineered” Unified Extensible Firmware Interface (UEFI). This gives Microsoft “full control” over firmware components, and it’s somethign the company already uses in its other Surface devices.
“Microsoft delivers Enterprise-grade security to Surface Duo by writing or reviewing every line of firmware code in house, enabling Microsoft to respond directly and agilely, to potential firmware threats and to mitigate supply chain security risks,” Microsoft says in its documentation. Notably, that means Microsoft could act independently and more quickly address any firmware vulnerabilities it detects.
On the other hand, it could mean an Android patch wouldn’t be compatible with Duo and could take more engineering time to apply. This is something we already see with other high-end Android phones, so it wouldn’t be surprising. However, it will be interesting to see what the pace of security updates from Microsoft is once it launches.
The second notable addition from Microsoft is Microsoft Defender ATP. This is an “enterprise grade antivirus and malware protection software” that is available across both Windows 10 and Android devices. Note that this requires Android devices to be managed through Intune.
Because Surface Duo is being pitched as a productivity device, security is an important piece of the puzzle. Leaning on Android’s standard set of security and management features should make it easier for large companies and organizations to adopt, and Microsoft’s custom UEFI augments those capabilities.
Surface Duo is availabke to preorder now starting at $1,400 from Microsoft, Best Buy, and AT&T.
Microsoft Surface Duo
From $1,400 at Microsoft
From $1,400 at Best Buy
From $1,400 at AT&T
Two screens are better than one.
Microsoft delves into the future of foldables with an ambitious dual-screen device, featuring two ultra-thin 5.6-inch AMOLED displays bound by a 360-degree hinge. This pocketable inking-enabled Android smartphone marks the latest in the Surface lineup, geared for mobile productivity.