[Update] upgrade completed, see here for full instructions.
Hi experts,
I’m trying to upgrade HP Prodesk 600 G4 mini to fully support Intel AMT vPro (KVM redirection).
System currently has Intel Standard Manageability, but since (from what I can see) both the processor (Intel Core i5 8500T) and chipset (Intel Q370) should support vPro, I assume that the only thing stopping full AMT support is the configuration of Intel ME.
I have read and researched multiple posts online including posts and guides in this forum but feel that perhaps I am missing some information.
The main problem seems to be how to enable system to boot without protection of changing ME settings.
There is an FDO (assuming Flash Descriptor Override) marked pin (2 pins) on the motherboard but shortening it does not allow system to boot, it simply kills Intel Management Engine and spins the fan indefinitely and the system does not POST.
Does anyone have any more information about how to boot HP Probook 600 G4 mini into FDO mode?
Or, in case I would need to go the SPI programmer route, can someone please recommend reliable USB programmer set that could reprogram this particular SPI EEPROM without de-soldering?
From the motherboard picture FW chip seems to be Winbond 25Q256JVFQ
Here is info from HWiNFO64 regarding current Intel ME status:
[Current Computer]
Computer Name: DESKTOP-BE3IBVK
Computer Brand Name: HP HP ProDesk 600 G4 DM
Intel Core i5-8500T -------------------------------------------------------
[General Information]
Processor Name: Intel Core i5-8500T
Original Processor Frequency: 2100.0 MHz
Original Processor Frequency [MHz]: 2100
CPU ID: 000906EA
CPU Brand Name: Intel(R) Core(TM) i5-8500T CPU @ 2.10GHz
CPU Vendor: GenuineIntel
CPU Stepping: U0
CPU Code Name: Coffee Lake-S
CPU Technology: 14 nm
CPU S-Spec: SR3XD
CPU Thermal Design Power (TDP): 35.0 W
CPU VR Thermal Design Current (TDC): 74.0 A
CPU Power Limits (Max): Power = Unlimited, Time = Unlimited
CPU Power Limit 1 (Long Duration)/Processor Base Power (PBP): (35.00 W) (28.00 sec) [Unlocked]
CPU Power Limit 2 (Short Duration)/Maximum Turbo Power (MTP): (60.00 W) (2.44 ms) [Unlocked]
CPU Power Limit 4 (PL4): 60.0 W
Configurable TDP Level 1 (Down): 25.00 W (Unlimited range), 1600 MHz
Current Configurable TDP Level: Nominal (Legacy) [Unlocked]
CPU Max. Junction Temperature (Tj,max): 100 °C
CPU Type: Production Unit
CPU Platform: Socket H4 (LGA1151)
Microcode Update Revision: EA
Number of CPU Cores: 6
Number of Logical CPUs: 6
Motherboard ---------------------------------------------------------------
[Computer]
Computer Brand Name: HP HP ProDesk 600 G4 DM
[Motherboard]
Motherboard Model: HP 83EF
Motherboard Chipset: Intel Q370 (Cannon Lake-H)
Motherboard Slots: 1xPCI Express x1, 2xPCI Express x4
PCI Express Version Supported: v3.0
USB Version Supported: v3.1
[BIOS]
BIOS Manufacturer: Hewlett-Packard
BIOS Date: 04/16/2021
BIOS Version: Q22 Ver. 02.16.00
UEFI BIOS: Capable
Super-IO/LPC Chip: Unknown
Trusted Platform Module (TPM) Chip: Present, version 2.0
Intel ME ------------------------------------------------------------------
[ME Host Status]
ME Current Working State: Normal
Manufacturing Mode: Not Active
ME Current Operation Mode: Normal
Boot Guard Status: Enabled
Boot Guard Verified Boot Policy: Disabled
Boot Guard Measured Boot Policy: Disabled
[Intel Manageability Engine Features]
Intel ME Version: 12.0, Build 1753, Hot Fix 81
Intel ME Recovery Image Version: 12.0, Build 1753, Hot Fix 81
Intel ME FITC Version: 12.0, Build 1122, Hot Fix 7
Intel AMT Version: 12.0.81, Build 1753
Intel AMT Applications Version: 12.0.81
Flash Version: 12.0.81
Netstack Version: 12.0.81
Recovery Version: 12.0.81, Build 1753
BIOS Version: Q22 Ver. 02.16.00
[ME Firmware Capabilities]
Full Network Manageability: Not Capable
Standard Network Manageability: Capable
Manageability (AMT): Capable
Small Business Advantage: Not Capable
Intel Integrated Touch: Not Capable
Intel Anti-Theft: Not Capable
Capability Licensing Service: Capable
Virtualization Engine: Not Capable
Intel Sensor Hub (ISH): Not Capable
ICC Over Clocking: Not Capable
Protected Audio Video Path (PAVP): Capable
Network Frame Forwarder (NFF): Not Capable
Remote PC Assist (RPAT): Capable
IPV6: Capable
KVM Remote Control: Not Capable
Outbreak Containment Heuristic (OCH): Not Capable
Dynamic Application Loader (DAL): Capable
Cipher Transport Layer (TLS): Capable
Wireless LAN (WLAN): Not Capable
Platform Trust Technology (PTT): Not Capable
Near Field Communication (NFC): Not Capable
[ME Firmware Feature State]
Full Network Manageability: Disabled
Standard Network Manageability: Enabled
Manageability (AMT): Enabled
Small Business Advantage: Not Capable
MEI3: Not Capable
Intel Anti-Theft: Disabled
Capability Licensing Service: Enabled
Virtualization Engine: Disabled
Intel Sensor Hub (ISH): Disabled
ICC Over Clocking: Disabled
Protected Audio Video Path (PAVP): Enabled
Network Frame Forwarder (NFF): Not Capable
Remote PC Assist (RPAT): Enabled
IPV6: Enabled
KVM Remote Control: Disabled
Outbreak Containment Heuristic (OCH): Disabled
Dynamic Application Loader (DAL): Capable
Cipher Transport Layer (TLS): Enabled
Wireless LAN (WLAN): Disabled
Platform Trust Technology (PTT): Disabled
Near Field Communication (NFC): Disabled
[ME Firmware Platform Type]
Platform Target Usage Type: Desktop
SKU: Regular SKU
ME Firmware Image Type: Corporate SKU Firmware
Platform Brand: Intel Standard Manageability
Host ME Region Flash Protection Override (HMRFPO) Status: Locked
System --------------------------------------------------------------------
System Manufacturer: HP
Product Name: HP ProDesk 600 G4 DM
Product Version:
Product Serial Number: xxxxxxxxxxx
UUID: {xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx}
SKU Number: 2YE28AV
Family: 103C_53307F HP ProDesk
Mainboard -----------------------------------------------------------------
Mainboard Manufacturer: HP
Mainboard Name: 83EF
Mainboard Version: KBC Version 07.D1.00
Mainboard Serial Number: xxxxxxxxxxx
Asset Tag:
Location in chassis:
System Enclosure ----------------------------------------------------------
Manufacturer: HP
Case Type: Mini Tower
Version:
Serial Number: xxxxxxxxxxx
Asset Tag Number:
------------
and here is output of MEInfo:
Intel (R) MEInfo Version: 12.0.90.2077
Copyright (C) 2005 - 2022, Intel Corporation. All rights reserved.
General FW Information
Platform Type Desktop
FW Type Production
Last ME Reset Reason Global system reset
BIOS boot State Post Boot
Slot 1 Board Manufacturer 0x0000103C
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
Capability Licensing Service Enabled
Local FWUpdate Enabled
OEM ID 00000000-0000-0000-0000-000000000000
Integrated Sensor Hub Initial Power State Disabled
Intel(R) PTT Supported No
Intel(R) PTT initial power-up state Disabled
OEM Tag 0x00
TLS Enabled
Intel(R) ME code versions:
BIOS Version Q22 Ver. 02.16.00
MEBx Version 12.0.0.0010
GbE Version 0.5
Vendor ID 8086
FW Version 12.0.81.1753 H Corporate
LMS Version 2130.1.16.1
MEI Driver Version 2306.4.3.0
Wireless Hardware Version Not Available
Wireless Driver Version Not Available
IUPs Information
PMC FW Version 300.2.11.1025
LOCL FW Version 12.0.81.1753
WCOD FW Version 12.0.81.1753
PCH Information
PCH Version 10
PCH Device ID A306
PCH Step Data B0
PCH SKU Type Production PRQ Revenue
PCH Replacement State Disabled
PCH Replacement Counter 0
PCH Unlocked State Disabled
Flash Information
SPI Flash ID 1 EF4019
SPI Flash ID 2 Not Available
Host Read Access to ME Enabled
Host Write Access to ME Disabled
Host Read Access to EC Disabled
Host Write Access to EC Disabled
FW Capabilities 0x59329146
Intel(R) Standard Manageability - PRESENT/ENABLED
Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - PRESENT/ENABLED
Persistent RTC and Memory - PRESENT/ENABLED
End Of Manufacturing
Post Manufacturing NVAR Config Enabled Yes
HW Binding Enabled
End of Manufacturing Enable Yes
Intel(R) Active Management Technology -
Intel(R) AMT State Disabled
IPv6 Enablement Disabled
Configuration State Completed
Provisioning Mode PKI
M3 Autotest Disabled
Link Status Link Up
Localized Language English
C-link Status Enabled
System UUID ef7be2d2-1f48-8fe3-05a7-2fae3c2d00ec
Wireless Micro-code Mismatch No
AMT Global State Enabled
Intel(R) Standard Manageability State Enabled
Privacy/Security Level Default
Intel(R) Protected Audio Video Path
Keybox Not Provisioned
Attestation KeyBox Not Available
EPID Group ID 0x28C7
Re-key needed False
PAVP Supported Yes
Security Version Numbers
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 12
Trusted Computing Base SVN 1
FW Supported FPFs
FPF UEP ME FW
*In Use
--- --- -----
Enforcement Policy 0x00 0x00 0x00
EK Revoke State Not Revoked Not Revoked Not Revoked
PTT Disabled Disabled Disabled
OEM ID 0x00 0x00 0x00
OEM Key Manifest Present Not Present Not Present Not Present
OEM Platform ID 0x00 0x00 0x00
OEM Secure Boot Policy 0x404 0x404 0x404
CPU Debugging Enabled Enabled Enabled
BSP Initialization Disabled Disabled Disabled
Protect BIOS Environment Disabled Disabled Disabled
Measured Boot Disabled Disabled Disabled
Verified Boot Disabled Disabled Disabled
Key Manifest ID 0x00 0x00 0x00
Persistent PRTC Backup Power Enabled Enabled Enabled
RPMB Migration Done Disabled Disabled Disabled
SOC Config Lock Done Not Done Done
SPI Boot Source Enabled Enabled Enabled
TXT Supported Disabled Disabled Disabled
ACM SVN FPF 0x00
BSMM SVN FPF 0x00
KM SVN FPF 0x00
OEM Public Key Hash FPF 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash UEP 0000000000000000000000000000000000000000000000000000000000000000
OEM Public Key Hash ME FW 0000000000000000000000000000000000000000000000000000000000000000
PTT Lockout Override Counter FPF 0x00
