EVGA

Hot!Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE]

Author
Anewbis
New Member
  • Total Posts : 33
  • Reward points : 0
  • Joined: 2010/11/01 16:33:19
  • Status: offline
  • Ribbons : 1
2023/06/23 17:33:30 (permalink)
As many of us early adopters have been moved to legacy status I am making this pretty simple guide. None of the ME firmware available in the BIOS files posted here are vulnerability free. For those of us deprecated years ago, the list is LONG.
 
There are tons of vulnerabilities. If your ME Firmware is not up to date, here is a list of such vulnerabilities. Check the publish date of the latest ME updating BIOS for your card and that's a good estimate of how many are left unpatched.
https://www.intel.com/con...1784/technologies.html
 
You can see if you are vulnerable with this file, then again after updating to see that you are free from known trouble.
https://downloadcenter.intel.com/download/28632
 
Here is a link where you can find further links to the right thread with the current firmwares for various chipsets of the last 7 or 8 years. Make sure you get the firmware for your specific chipset. Someone had a corporate board and failed flashing.
https://rog-forum.asus.com/t5/hardware-build-advice/index-all-my-firmware-drivers-software-threads/m-p/827232
 
Find the download you need (comes with the official Intel ME FW and patcher). Right click start, click device manager, and make sure under system settings you have your current or newer Intel Management Interface installed. If not, check if Windows will install/update it for you or go grab it from EVGA downloads.
 
I had no issue, but consider being sure your vital data is secured if you use virtual TPM, such as a system image or duplicate files on another drive. I run BitLocker on my OS drive with the ME's virtual TPM and had 0 issues booting after patching, but I have dual bios and my recovery key on hand, and learned the FW patch enters an area of BIOS reserved for it so didn't have 2nd thoughts about going ahead and backed up nothing. Up to your discretion. 
 
Extract the files and run install.bat as admin. Do not lose power or shut down! After a moment, boom, holes filled. Reboot. For me on Z170 Classified K, the number of holes was 9. BIOS 2.06 from Jun 2019, but ME FW of April 2019 as verified by AMIBCP. BIOS intact, now with ME FW 11.8.93.4323 and no known holes more.
 
Finally, enjoy your sense of security!
 
 


 
post edited by Anewbis - 2023/06/23 17:36:05
#1

10 Replies Related Threads

    Mister E...
    New Member
    • Total Posts : 91
    • Reward points : 0
    • Joined: 2005/05/12 18:10:06
    • Status: offline
    • Ribbons : 3
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2023/06/24 13:10:34 (permalink)
    Anewbis
     
    Finally, enjoy your sense of security!
     



    Thank you for this.  x299 Dark patched.
     
    #2
    Chopper3200
    New Member
    • Total Posts : 28
    • Reward points : 0
    • Joined: 2007/09/25 21:28:57
    • Status: offline
    • Ribbons : 1
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2023/06/25 20:14:23 (permalink)
    Thanks! Worked great on X299 Dark. 
    #3
    Mister E...
    New Member
    • Total Posts : 91
    • Reward points : 0
    • Joined: 2005/05/12 18:10:06
    • Status: offline
    • Ribbons : 3
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2023/09/30 14:58:08 (permalink)
    Just an update to this thread - there's a newer CSME Version detection tool (v.9.0.1.0) available at the link provided above.
     
    There are new vulnerabilities detected when running the new tool with the x299 ME Firmware listed since the original post (was v.11.12.93.2323).
     
    Newer ME Firmware is available at the link provided above (Firmware : 11.12.94.2479 [04/01/2023]). Rinse & Repeat.
     
    I just did the update on my x299 Dark and all is well.
     

    post edited by Mister E... - 2023/09/30 15:07:36
    #4
    Mister E...
    New Member
    • Total Posts : 91
    • Reward points : 0
    • Joined: 2005/05/12 18:10:06
    • Status: offline
    • Ribbons : 3
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/04/29 14:51:31 (permalink)
    Update:
     
    There's a new CSME tool version 10.0.0.0.
     
    Also, latest ME Firmware for x299 is v.11.12.95.2499.
     
    Links above are all still valid and point you where you need to go.
    post edited by Mister E... - 2024/04/29 14:58:08
    #5
    dmann304
    iCX Member
    • Total Posts : 415
    • Reward points : 0
    • Joined: 2008/07/16 22:44:20
    • Status: offline
    • Ribbons : 0
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/05/11 18:31:35 (permalink)
    How to apply this for X299? and will it drop performance?
    #6
    DerpFails
    New Member
    • Total Posts : 54
    • Reward points : 0
    • Joined: 2017/10/14 15:10:00
    • Status: offline
    • Ribbons : 0
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/07/25 15:40:58 (permalink)
    Is it possible to downgrade ME to before mitigations?
    #7
    Mister E...
    New Member
    • Total Posts : 91
    • Reward points : 0
    • Joined: 2005/05/12 18:10:06
    • Status: offline
    • Ribbons : 3
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/08/08 17:04:43 (permalink)
    I haven't experienced any issues with performance.  Main benefit is fixed vulnerabilities.
     
    Latest ME firmware for x299 is updated again - v.11.12.96.2535 [11/12/2023]
     

    post edited by Mister E... - 2024/08/08 17:22:10
    #8
    ilukeberry
    iCX Member
    • Total Posts : 324
    • Reward points : 0
    • Joined: 2009/01/17 18:48:38
    • Status: offline
    • Ribbons : 1
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/09/21 15:15:35 (permalink)
    Z790 CLASSIFIED patched:
    Intel ME Consumer Firmware : Firmware : 16.1.32.2473 [14/04/2024]
    https://rog-forum.asus.com/t5/downloads-for-motherboards/firmware-intel-me-h610-b660-h670-z690-b760-h770-z790/td-p/861318
     


    Intel i9 13900KS | EVGA Z790 Classified | Corsair Vengeance 4x16GB 6600MHz | NVIDIA RTX 3080 Ti FE | Corsair MP600 PRO 2TB PHANTEKS Glacier One 360 T30 Gen2 AIO | Seasonic PRIME TX-850 | PHANTEKS Enthoo Evolv X
    #9
    Cool GTX
    EVGA Forum Moderator
    • Total Posts : 31069
    • Reward points : 0
    • Joined: 2010/12/12 14:22:25
    • Location: Folding for the Greater Good
    • Status: offline
    • Ribbons : 123
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/09/21 15:52:19 (permalink)
    ilukeberry
    Z790 CLASSIFIED patched:
    Intel ME Consumer Firmware : Firmware : 16.1.32.2473 [14/04/2024]
    https://rog-forum.asus.com/t5/downloads-for-motherboards/firmware-intel-me-h610-b660-h670-z690-b760-h770-z790/td-p/861318
     



    So your saying the EVGA ---> BETA BIOS for Z790 0x129 Microcode Update  ---> Passed the test?
     
    Why list the Link to? https://rog-forum.asus.com/t5/downloads-for-motherboards.......

    Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members

    I am a Volunteer Moderator - not an EVGA employee

    Older RIG projects RTX Project  Nibbler


     When someone does not use reason to reach their conclusion in the first place; you can't use reason to convince them otherwise!
    #10
    ilukeberry
    iCX Member
    • Total Posts : 324
    • Reward points : 0
    • Joined: 2009/01/17 18:48:38
    • Status: offline
    • Ribbons : 1
    Re: Updating Intel ME firmware to address vulnerabilities for older chipsets [GUIDE] 2024/09/22 02:03:19 (permalink)
    yeah new BIOS with 0x129 works fine.
     
    Link is listed to ASUS forum because there is one dude who is collecting these Intel updates which are generic ones for all brands.
     
    https://forums.evga.com/Updating-Intel-ME-firmware-to-address-vulnerabilities-for-older-chipsets-GUIDE-m3608258.aspx
     
     

    Intel i9 13900KS | EVGA Z790 Classified | Corsair Vengeance 4x16GB 6600MHz | NVIDIA RTX 3080 Ti FE | Corsair MP600 PRO 2TB PHANTEKS Glacier One 360 T30 Gen2 AIO | Seasonic PRIME TX-850 | PHANTEKS Enthoo Evolv X
    #11
    Jump to:
  • Back to Mobile