Hi all. I’m new here and in BIOS modding generally.
I need my ASRock H410M-HVS BIOS updated to mitigate INTEL-SA-00289.
1. After reading www . win-raid . com/t154f16-Tool-Guide-News-quot-UEFI-BIOS-Updater-quot-UBU.html I have successfully updated microcode
2. After reading www . win-raid . com/t596f39-Intel-Converged-Security-Management-Engine-Drivers-Firmware-and-Tools.html I have updated ME
But still I’m not able to enable Overclocking Lock which seems to be required to mitigate that issue as I read here: www . intel . com/content/www/us/en/support/articles/000057197/software/intel-security-products.html
I know my BIOS supports this option cuz I checked it with UEFITool + IRFExtractor as described here: www . reddit . com/r/Lenovo/comments/id0457/guide_to_reenable_undervolting_after_latest_bios/
What is funny it even seems that Overclocking Lock is already enabled which I checked by RU.efi - but maybe I did it wrong. It would be better to switch it in BIOS.
What further could you suggest me to do? Is it hard to unhide those menus? I’m noob in BIOS modding
I don’t understand your point. Are you really depending on SGX feature? That plundervolt attack is very hard to apply for most attackers plus in order to mitigate that attack you will loose all overclocking and most probably undervolting. The forums are full of users which are trying the right opposite which means disable overclocking lock setting.
You can simply download Rweverything and do set bit  of 0x194 MSR, which is what OC lock stand for. It is up to you what you would consider bigger threat because of powerfull Kernel RWe driver is known as heart of many invisible rootkits