Enabled Intel SGX in BIOS question

Bios by default always auto update drivers within Windows auto update. The notion that your pc would need your permission to update driver and firmware is bygone in the era of Win 10/11. Yes MS, Intel and pc consortium AI are taking more control of everyone’s pc based on the presumption that the world is increasingly insecure and most users simply do not have time to manage it. Watch MI7 the entity and you would get an idea.  If you like to control your pc at admin level to override MS, first disable UEFI firmware update capsule, then disable driver download feature in Window update through group policy editor (if you have Win Pro edition).  Even then you would need to stay vigilant as there is still a programmer back door where MS/Intel can update your pc driver etc without your saying yes.  Intel SGX is just one example of security feature that they promote and once you enable that it opens some other switches to auto update certain drivers. 

When you decided to enable an integrated onboard component, Windows operating system will install a proper driver for that component.  For example, integrated audio, onboard ethernet, etc.

In this case, you chose to enable Intel SGX, Software Guard Extensions.  Therefore, a driver is required for the extensions to function properly.  Windows updates automatically installed an Intel SGX Platform Software driver, version 2.21.100.3 under a generic name Software Component.

Intel® Software Guard Extensions Platform Software (Intel® SGX PSW) includes the following changes in version 2.21.100.3:

o Resigned all Intel® SGX Architecture Enclaves
o Upgraded Intel® SGX Quote Verification Enclave to integrate OpenSSL/SgxSSL 3.0.10
o Added Rust wrapper for low-level Quote Generation APIs
o Enabled ‘SE_TRACE’ log in release binary
o Updated Rust QVL wrapper to use native Rust structure for quote verification collateral
o Added a limitation in the DCAP QVL to only allow the user to set the QvE load policy once
o Fixed bugs