<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Query on Critical Security Update for SGX  in Intel® Software Guard Extensions (Intel® SGX)</title>
    <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172209#M3244</link>
    <description>&lt;P&gt;&lt;SPAN style="font-size: 1em;"&gt;Hi,&lt;/SPAN&gt;&lt;BR /&gt;
	&lt;BR /&gt;
	We have noticed a critical update for SGX, which doesn't seem to affect the notebook I am working on.&lt;BR /&gt;
	&lt;BR /&gt;
	&lt;A href="https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&amp;amp;languageid=en-fr"&gt;https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&amp;amp;languageid=en-fr&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;The advisory mentioned that it affects only the following: "&lt;SPAN style="color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px;"&gt;Intel Server Systems, NUC, and Compute Stick"&lt;BR /&gt;
	&lt;BR /&gt;
	However, it also mentioned that "&amp;nbsp;The improvement applies to 6&lt;/SPAN&gt;&lt;SPAN style="box-sizing: border-box; font-size: 11.25px; line-height: 0; position: relative; vertical-align: baseline; top: -0.5em; color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif;"&gt;th&amp;nbsp;&lt;/SPAN&gt;&lt;SPAN style="color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px;"&gt;and 7&lt;/SPAN&gt;&lt;SPAN style="box-sizing: border-box; font-size: 11.25px; line-height: 0; position: relative; vertical-align: baseline; top: -0.5em; color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif;"&gt;th&lt;/SPAN&gt;&lt;SPAN style="color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px;"&gt;&amp;nbsp;Generation Intel® Core™ Processor Families, Intel® Xeon® E3-1500M v5 and v6 Processor Families, and Intel® Xeon® E3-1200 v5 and v6 Processor Families."&lt;/SPAN&gt;&lt;/P&gt;

&lt;P&gt;Since my laptop is a 7th Gen Intel Core Processor, it is affected by the critical security hole found by Intel right? &amp;nbsp;However, I would think that there are no security updates yet? &amp;nbsp;Can anyone from Intel confirm this information please?&lt;/P&gt;

&lt;P&gt;Thank you.&lt;BR /&gt;
	&lt;BR /&gt;
	Kind Regards,&lt;BR /&gt;
	Elephant&lt;/P&gt;</description>
    <pubDate>Thu, 24 Aug 2017 05:37:49 GMT</pubDate>
    <dc:creator>Elephant</dc:creator>
    <dc:date>2017-08-24T05:37:49Z</dc:date>
    <item>
      <title>Query on Critical Security Update for SGX</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172209#M3244</link>
      <description>&lt;P&gt;&lt;SPAN style="font-size: 1em;"&gt;Hi,&lt;/SPAN&gt;&lt;BR /&gt;
	&lt;BR /&gt;
	We have noticed a critical update for SGX, which doesn't seem to affect the notebook I am working on.&lt;BR /&gt;
	&lt;BR /&gt;
	&lt;A href="https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&amp;amp;languageid=en-fr"&gt;https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&amp;amp;languageid=en-fr&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;The advisory mentioned that it affects only the following: "&lt;SPAN style="color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px;"&gt;Intel Server Systems, NUC, and Compute Stick"&lt;BR /&gt;
	&lt;BR /&gt;
	However, it also mentioned that "&amp;nbsp;The improvement applies to 6&lt;/SPAN&gt;&lt;SPAN style="box-sizing: border-box; font-size: 11.25px; line-height: 0; position: relative; vertical-align: baseline; top: -0.5em; color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif;"&gt;th&amp;nbsp;&lt;/SPAN&gt;&lt;SPAN style="color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px;"&gt;and 7&lt;/SPAN&gt;&lt;SPAN style="box-sizing: border-box; font-size: 11.25px; line-height: 0; position: relative; vertical-align: baseline; top: -0.5em; color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif;"&gt;th&lt;/SPAN&gt;&lt;SPAN style="color: rgb(17, 17, 17); font-family: 'Intel Clear', 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 15px;"&gt;&amp;nbsp;Generation Intel® Core™ Processor Families, Intel® Xeon® E3-1500M v5 and v6 Processor Families, and Intel® Xeon® E3-1200 v5 and v6 Processor Families."&lt;/SPAN&gt;&lt;/P&gt;

&lt;P&gt;Since my laptop is a 7th Gen Intel Core Processor, it is affected by the critical security hole found by Intel right? &amp;nbsp;However, I would think that there are no security updates yet? &amp;nbsp;Can anyone from Intel confirm this information please?&lt;/P&gt;

&lt;P&gt;Thank you.&lt;BR /&gt;
	&lt;BR /&gt;
	Kind Regards,&lt;BR /&gt;
	Elephant&lt;/P&gt;</description>
      <pubDate>Thu, 24 Aug 2017 05:37:49 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172209#M3244</guid>
      <dc:creator>Elephant</dc:creator>
      <dc:date>2017-08-24T05:37:49Z</dc:date>
    </item>
    <item>
      <title>Hi,</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172210#M3245</link>
      <description>&lt;P&gt;Hi,&lt;/P&gt;

&lt;P&gt;I believe that the OEM should provide the BIOS update. Make sure to look for this update in your laptop manufacturer's website, or contact them to know when the update will be provided.&lt;/P&gt;

&lt;P&gt;Regards,&lt;/P&gt;

&lt;P&gt;Rodolfo&lt;/P&gt;</description>
      <pubDate>Thu, 24 Aug 2017 13:43:23 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172210#M3245</guid>
      <dc:creator>Rodolfo_S_</dc:creator>
      <dc:date>2017-08-24T13:43:23Z</dc:date>
    </item>
    <item>
      <title>The advisory also has a note</title>
      <link>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172211#M3246</link>
      <description>&lt;P&gt;The advisory also has a note about remote attestation but the note doesn't say what exact changes. Does this mean an air-gapped machine will need to be brought online?&lt;/P&gt;

&lt;P&gt;There was a talk in BlackHat this year about SGX Remote attestation by some cryptographer ( see Valerie Fenwick notes &lt;A href="https://bubbva.blogspot.com/2017/08/bhusa17-sgx-remote-attestatin-is-not.html" target="_blank"&gt;https://bubbva.blogspot.com/2017/08/bhusa17-sgx-remote-attestatin-is-not.html&lt;/A&gt; ). He outlined some problems related to current remote attestation. For example a service provider cannot locally verify Remote Attestation even if you have the public key. This is a problem we are currently dealing with because our private cloud is air-gapped. Will Intel address these problems in this upcoming release?&lt;/P&gt;</description>
      <pubDate>Mon, 28 Aug 2017 19:42:15 GMT</pubDate>
      <guid>https://community.intel.com/t5/Intel-Software-Guard-Extensions/Query-on-Critical-Security-Update-for-SGX/m-p/1172211#M3246</guid>
      <dc:creator>SSuma1</dc:creator>
      <dc:date>2017-08-28T19:42:15Z</dc:date>
    </item>
  </channel>
</rss>

