@stacksofplates said in Researchers use Intel SGX to put malware beyond the reach of antivirus software: Did you see what Intel said regarding this: Intel is aware of this research which is based upon assumptions that are outside the threat model for Intel SGX. The value of Intel SGX is to execute code in a protected enclave; however, Intel SGX does not guarantee that the code executed in the enclave is from a trusted source. In all cases, we recommend utilizing programs, files, apps, and plugins from trusted sources. Protecting customers continues to be a critical priority for us and we would like to thank Michael Schwarz, Samuel Weiser, and Daniel Grus for their ongoing research and for working with Intel on coordinated vulnerability disclosure. Outside of the threat model?......... Haha, whatever that means.