DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA.


Substance of Interview
Applicant's request for entry into AFCP 2.0 is acknowledged. The Office completed additional consideration of the after final amendment within the time authorized for the pilot program. The result(s) of the additional consideration does place the application in condition for allowance over the cited prior art. In particular, the Office discussed with Applicant's representative, John Temple Keller, the proposed claim amendments that appear in the Examiner’s amendment. Agreement was reached on 03-11-2022.

Allowable Subject Matter
Claims 1-4, 6-7, 9-11, 13-16, 18-19 are allowed.


EXAMINER’S AMENDMENT
An Examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Claims have been amended as follows:

1. (Currently Amended) An information handling system comprising:
at least one processor;
a memory coupled to the at least one processor; and
an information handling resource including a firmware;
wherein the information handling system is configured to:
boot an operating system stored on the memory;
after booting the operating system, receive, from at least one remote server, information regarding a vulnerability associated with the firmware;
create a firmware-specific feature flag based on the information regarding the vulnerability;
store the firmware-specific feature flag in a cryptographically signed policy table with identifying information for the information handling resource;
based on the cryptographically signed policy table a security policy, determine a resolution for mitigation of the vulnerability, wherein the resolution includes allowing the information handling resource to operate but disabling a particular feature of the information handling resource; and
store information regarding the resolution in a storage location accessible to a preboot environment of the information handling system, wherein the preboot environment is configured to apply the resolution upon a subsequent boot of the information handling system.

2. (Original) The information handling system of claim 1, wherein the resolution includes preventing loading a driver associated with the information handling resource that includes the firmware.

3. (Original) The information handling system of claim 2, wherein the driver is a Unified Extensible Firmware Interface (UEFI) driver.

4. (Original) The information handling system of claim 1, wherein the preboot environment is a Basic Input/Output System of the information handling system.

5. (Canceled)

6. (Original) The information handling system of claim 1, wherein storing the information regarding the resolution in the storage location accessible to the preboot environment includes:
the operating system of the information handling system executing a persistent agent that has been presented to the operating system via a Windows Platform Binary Table (WPBT) channel; and
the persistent agent storing the information regarding the resolution in a designated storage space accessible to the preboot environment.




8. (Canceled)

9. (Currently Amended) A method comprising:
booting an information handling system an operating system, wherein the information handling system comprises an information handling resource that includes a firmware;
after booting the operating system, the information handling system receiving, from at least one remote server, information regarding a vulnerability associated with the firmware;
creating a firmware-specific feature flag based on the information regarding the vulnerability;
storing the firmware-specific feature flag in a cryptographically signed policy table with identifying information for the information handling resource;
based on the cryptographically signed policy table a security policy, the information handling system determining a resolution for mitigation of the vulnerability, wherein the resolution includes allowing the information handling resource to operate but disabling a particular feature of the information handling resource; and


10. (Original) The method of claim 9, further comprising the information handling system requesting the information regarding the vulnerability.

11. (Original) The method of claim 9, further comprising the information handling system receiving the information regarding the vulnerability without requesting such information.

12. (Canceled)

13. (Currently Amended) An article of manufacture comprising a non-transitory, computer-readable medium having computer-executable code thereon that is executable by a processor of an information handling system for:
booting an operating system;
after booting the operating system, receiving, from at least one remote server, information regarding a vulnerability associated with a firmware of an information handling resource of the information handling system;
creating a firmware-specific feature flag based on the information regarding the vulnerability;
storing the firmware-specific feature flag in a cryptographically signed policy table with identifying information for the information handling resource;
based on the cryptographically signed policy table a security policy, determining a resolution for mitigation of the vulnerability, wherein the resolution includes allowing the information handling resource to operate but disabling a particular feature of the information handling resource; and
storing information regarding the resolution in a storage location accessible to a preboot environment of the information handling system, wherein the preboot environment is configured to apply the resolution upon a subsequent boot of the information handling system.

14. (Original) The article of claim 13, wherein the resolution includes preventing loading a driver associated with the information handling resource that includes the firmware.

15. (Original) The article of claim 14, wherein the driver is a Unified Extensible Firmware Interface (UEFI) driver.

16. (Original) The article of claim 13, wherein the preboot environment is a Basic Input/Output System of the information handling system.

17. (Canceled)
 

the operating system of the information handling system executing a persistent agent that has been presented to the operating system via a Windows Platform Binary Table (WPBT) channel; and
the persistent agent storing the information regarding the resolution in a designated storage space accessible to the preboot environment.

19. (Original) The article of claim 13, wherein the receiving, determining, and storing are carried out by a software agent executing on the operating system.

20. (Canceled)




Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to AUREL PRIFTI whose telephone number is (571)270-1743. The examiner can normally be reached on M-F 8 a.m.- 6 p.m.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kim Ngoc Huynh, can be reached on 571-272-4147. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.


/AUREL PRIFTI/Primary Examiner, Art Unit 2186

Aurel Prifti
Primary Examiner
Art Unit 2186
Tel. (571) 270-1743
Fax (571) 270-2743

aurel.prifti@uspto.gov