SGX reportedly required just a minor manufacturing configuration change, and doesn't even need a BIOS update.
Intel Software Guard Extensions (Intel SGX) is a set of x86 extension designed to increase the security of software through an “inverse sandbox” mechanism. In this approach, instead of trying to identify and isolate all the malware on the platform, legitimate sensitive code and data can be sealed inside an enclave and protected from attack by the malware, irrespective of the privilege level of the latter. Intel SGX needs to be supported by processors, operating systems and applications to actually work. The SGX is not something that works automatically once a chip is installed.
Source: KitGuru