![]() ![]() If leveraging the Intel® Software Guard Extensions Attestation Service Utilizing Intel® Enhanced Privacy ID (Intel® SGX Attestation Service Utilizing Intel® EPID), update your Intel® Software Guard Extensions Platform Software (Intel® SGX PSW) to at least v2.17 (for Linux* OS) or v2.16 (for Windows OS) on all your Intel® SGX Virtual Machines (VMs)/bare metal OS installs.Follow all prior configuration guidance for published mitigations as needed (ex where platforms must be configured (via BIOS setup) with Intel® Hyper-Threading Technology (Intel® HT Technology) disabled to receive a particular Attestation response).For 3rd Generation Intel® Xeon® Scalable platforms, you must re-register your platforms with the Intel® Registration Service for Scalable Platforms. ![]() FIT load microcode, which could include obtaining a new BIOS from your platform Original Equipment Manufacturer (OEM) / Original Device Manufacturer (ODM) that contains the microcode provided by Intel to mitigate potential security vulnerabilities in scope.Actions Required by Partner Type Platform Owners (Cloud Service Providers (CSPs), Enterprise IT, Independent Software Vendors (ISVs) Self-managing Bare Metal Platforms, etc.) For details, refer to the Recommendation section of the applicable Security Advisory, INTEL-SA-00738. ![]() Important Note: For 3rd Generation Intel® Xeon® Processor (code-named Ice Lake), when Intel SGX is enabled, the BIOS and microcode must be aligned to the applicable IPU 2023.1 (or Icelake D (Idaville)) product version, or the system will hang. Partners who wish to gain confidence, via attestation, that the intended software is securely running within an enclave on an updated Intel SGX-enabled platform containing the latest patches should complete the below recommendations, listed by common partner type. Further TCB Recovery Guidance for developers is also available. Developers can find previous responses and additional details in the Intel® SGX Attestation Technical Details.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |