‘Foreshadow’ Flaw Undermines the Intel CPU Secure Enclave

https://www.wired.com/story/foreshadow-intel-secure-enclave-vulnerability/

The best practice advice continues to apply in these situations –

  • Apply OS patches regularly
  • Apply hardware patches regularly
  • Manage the obsolescence of the platform
  • Consider vulnerabilities in future procurement
  • Carry out a technical risk assessment and identify potential countermeasures

Of course, this is standard process, apart from a bespoke risk assessment – a good patching regime should guarantee all patches are applied.

What you do on top of that, in terms of risk assessment and treatment, should be an enhancement that leads to accelerated patching activities (where appropriate) or bespoke management of particular patches, for instance where greater testing is required.