Open Enclave is still in the process of getting to a stable v1.0 release and so does not currently provide a long term support version. We make a good faith effort to address security issues on a regular cadence and release a minor version update approximately once every quarter. Users should expect to upgrade to the latest release version or master branch build to stay current on security updates. See the table below for the currently supported versions of Open Enclave:

Security issues and bugs should be reported privately via email to the Microsoft Security Response Center (MSRC) at secure@microsoft.com. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found at the Security TechCenter.