Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Elephant
Beginner
83 Views

Query on Critical Security Update for SGX

Hi,

We have noticed a critical update for SGX, which doesn't seem to affect the notebook I am working on.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00076&languageid=en-fr

The advisory mentioned that it affects only the following: "Intel Server Systems, NUC, and Compute Stick"

However, it also mentioned that " The improvement applies to 6
th and 7th Generation Intel® Core™ Processor Families, Intel® Xeon® E3-1500M v5 and v6 Processor Families, and Intel® Xeon® E3-1200 v5 and v6 Processor Families."

Since my laptop is a 7th Gen Intel Core Processor, it is affected by the critical security hole found by Intel right?  However, I would think that there are no security updates yet?  Can anyone from Intel confirm this information please?

Thank you.

Kind Regards,
Elephant

0 Kudos
2 Replies
Rodolfo_S_
New Contributor III
83 Views

Hi,

I believe that the OEM should provide the BIOS update. Make sure to look for this update in your laptop manufacturer's website, or contact them to know when the update will be provided.

Regards,

Rodolfo

SSuma1
Beginner
83 Views

The advisory also has a note about remote attestation but the note doesn't say what exact changes. Does this mean an air-gapped machine will need to be brought online?

There was a talk in BlackHat this year about SGX Remote attestation by some cryptographer ( see Valerie Fenwick notes https://bubbva.blogspot.com/2017/08/bhusa17-sgx-remote-attestatin-is-not.html ). He outlined some problems related to current remote attestation. For example a service provider cannot locally verify Remote Attestation even if you have the public key. This is a problem we are currently dealing with because our private cloud is air-gapped. Will Intel address these problems in this upcoming release?

Reply