Plundervolt

rader · ‎12-12-2019

Hi Guys,

Thank you for providing information on the Intel Plundervolt Vulnerability Report. I ran the scan on our systems and found some vulnerable processors as I expect most organizations will also have.

Reading more information on the site you link to at plundervolt.com, I see that they also say that if you do not use SGX, you do not need to do anything. It looks like the scanning script just checks for the processors listed in the report. Is there a way to also check the vulnerable processors if SGX is enabled or BIOS undervolting is disabled?

If I'm asking the wrong questions it's probably because I'm still wrapping my head around how SGX and the BIOS are related.

Thanks.

Esben_D · ‎12-16-2019

I took a look at the database documentation, but I didn't see any field that could be used to identify whether SGX is used.

From what I can tell, you can enable SGX in the bios but it can also be software controlled (if you allow that in the bios). You can find more info here: https://software.intel.com/en-us/articles/properly-detecting-intel-software-guard-extensions-in-your-applications

If you have the SGX software installed on SGX enabled systems, you could just report on the software. Alternatively, you could do a file scan for sgx_uae_service.dll or sgx_urts.dll as the above page mentions.

I don't know if there is a registry key that could be used to detect this.

General Discussions

New to Lansweeper?

Try Lansweeper For Free