HP ZBook 17 G5 Intel ME Error 8968

Intel Management Engine Firmware Update failed:
Error 8968: Firmware update failed due to an internal error

I updated from the earlier BIOS version 01.08.01 Rev.A ME1427 directly to the latest BIOS version 01.14.01 Rev.A, Intel ME 12.0.70.1652. The BIOS update was successful, but the ME update reported an error, saying that it was an internal error. The previous upgrades and downgrades were OK. Now the BIOS cannot be downgraded because of HP Sure Admin, and the ME cannot be upgraded. Please help me.

Show the output of MEInfo -verbose


H:>MEINFOWIN64.EXE -VER
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.


H:>MEINFOWIN64.EXE -VERBOSE
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.

LPC Device Id: A30E.
Platform: Cannonlake Platform

Windows OS Version : 10.0

FW Status Register1: 0x90000245
FW Status Register2: 0x0BF10506
FW Status Register3: 0x00000030
FW Status Register4: 0x00004800
FW Status Register5: 0x00000000
FW Status Register6: 0x00400004
CurrentState: Normal
ManufacturingMode: Disabled
FlashPartition: Valid
OperationalState: CM0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
SPI Flash Log: Not Present
Phase: ROM/Preboot
ME File System Corrupted: No
PhaseStatus: UNKNOWN
FPF and ME Config Status: Not committed
FW Capabilities value is 0x51309140
Feature enablement is 0x51309140
Platform type is 0x41000481
Intel(R) Manageability and Security Application code versions:

Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
BIOS Version Q70 Ver. 01.14.01
Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
Table Type 0 ( 0x 00 ) found, size of 59 (0x 3B ) bytes
Table Type 1 ( 0x 01 ) found, size of 88 (0x 58 ) bytes
Table Type 2 ( 0x 02 ) found, size of 66 (0x 42 ) bytes
Table Type 3 ( 0x 03 ) found, size of 43 (0x 2B ) bytes
Table Type 13 ( 0x 0D ) found, size of 98 (0x 62 ) bytes
Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes
Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes
Table Type 221 ( 0x DD ) found, size of 94 (0x 5E ) bytes
Table Type 221 ( 0x DD ) found, size of 354 (0x 162 ) bytes
Table Type 221 ( 0x DD ) found, size of 208 (0x D0 ) bytes
Table Type 221 ( 0x DD ) found, size of 32 (0x 20 ) bytes
Table Type 7 ( 0x 07 ) found, size of 37 (0x 25 ) bytes
Table Type 4 ( 0x 04 ) found, size of 185 (0x B9 ) bytes
Table Type 8 ( 0x 08 ) found, size of 26 (0x 1A ) bytes
Table Type 9 ( 0x 09 ) found, size of 25 (0x 19 ) bytes
Table Type 41 ( 0x 29 ) found, size of 24 (0x 18 ) bytes
MEBx Version 12.0.0.0010
GbE Version 0.4
Descriptor Version 1.0
Vendor ID 8086
FW Version 12.0.35.1427 H Corporate
LMS Version 2036.15.0.1832
MEI Driver Version 2031.15.0.1743
Wireless Hardware Version Not Available
Wireless Driver Version Not Available

PMC FW Version 300.2.11.1020
OEM FW Version 3.1.0.3524
LOCL FW Version 12.0.35.1427
WCOD FW Version 12.0.35.1427

PCH Information
PCH Version 10
PCH Device ID A30E
PCH Step Data B1
PCH SKU Type Production QS
PCH Replacement Counter 0
PCH Replacement State Disabled
PCH Unlocked State Disabled

FW Capabilities 0x51309140

Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - PRESENT/ENABLED
Intel(R) Platform Trust Technology - NOT PRESENT
Persistent RTC and Memory - PRESENT/ENABLED


AMT Global State Enabled
Capability Licensing Service Enabled
Discrete vPro NIC Enabled Disabled
Discrete vPro NIC on board SMBus address 0x49
End of Manufacturing Enable Yes
Local FWUpdate Enabled
OEM ID 4C656E6F-766F-0000-0000-000000000000
Integrated Sensor Hub Initial Power State Disabled
Intel(R) PTT Supported No
Intel(R) PTT initial power-up state Disabled
OEM Tag 0x00
PAVP Supported Yes
Post Manufacturing NVAR Config Enabled Yes
Privacy/Security Level Default
TLS Enabled

FW Type Production
Intel(R) AMT State Disabled
Last ME reset reason Unknown
BIOS Config Lock Enabled
GbE Config Lock Enabled
Host Read Access to ME Enabled
Host Write Access to ME Enabled
Host Read Access to EC Disabled
Host Write Access to EC Disabled
Protected Range Register Base #0 0x1CD8
Protected Range Register Limit #0 0x1FFF
Protected Range Register Base #1 0x0
Protected Range Register Limit #1 0x0
Protected Range Register Base #2 0x0
Protected Range Register Limit #2 0x0
Protected Range Register Base #3 0x0
Protected Range Register Limit #3 0x0
Protected Range Register Base #4 0x0
Protected Range Register Limit #4 0x0
SPI Flash ID 1 EF4019
SPI Flash ID 2 Not Available
BIOS boot State Post Boot
Link Status Link Up
System UUID 00000000-0000-0000-0000-000000000000
Configuration State Not Started
Provisioning Mode PKI
Slot 1 Board Manufacturer 0x000017AA
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
M3 Autotest Disabled
C-link Status Enabled
Localized Language English
EPID Group ID 0x28AF
Keybox Not Provisioned
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 5
Trusted Computing Base SVN 1
Re-key needed False
HW Binding Disabled
Intel(R) SMLink0b MCTP Address 0x00


FPF UEP ME FW
*In Use
--- --- -----
Enforcement Policy Not set 0x00 0x00
EK Revoke State Not set Not Revoked Not Revoked # Not Revoked=0, Revoked=1
PTT Not set Disabled Disabled # Disabled=0, Enabled=1
OEM ID Not set 0x00 0x00
OEM Key Manifest Present Not set Present Present # Not Present=0, Present=1
OEM Platform ID Not set 0x00 0x00
OEM Secure Boot Policy Not set 0x444 0x444
CPU Debugging Not set Enabled Enabled # Enabled=0, Disabled=1
BSP Initialization Not set Disabled Disabled # Enabled=0, Disabled=1
Protect BIOS Environment Not set Disabled Disabled # Disabled=0, Enabled=1
Measured Boot Not set Disabled Disabled # Disabled=0, Enabled=1
Verified Boot Not set Disabled Disabled # Disabled=0, Enabled=1
Key Manifest ID Not set 0x01 0x01
Persistent PRTC Backup Power Not set Enabled Enabled # Enabled=0, Disabled=1
RPMB Migration Done Not set Disabled Disabled # Disabled=0, Enabled=1
SOC Config Lock Not set Not Done Not Done # Not Done=0, Done=1
SPI Boot Source Not set Enabled Enabled # Enabled=0, Disabled=1
TXT Supported Not set Disabled Disabled # Disabled=0, Enabled=1

ACM SVN FPF Not set
BSMM SVN FPF Not set
KM SVN FPF Not set
OEM Public Key Hash FPF Not set
OEM Public Key Hash UEP CF61769095C06745AFC0FC42615431FDF9DC7C324EB3B787011766DBFEE56E1F
OEM Public Key Hash ME FW CF61769095C06745AFC0FC42615431FDF9DC7C324EB3B787011766DBFEE56E1F
PTT Lockout Override Counter FPF Not set




Description:

This package creates files that contain an image of the System BIOS (ROM) for the supported computer models with a Q70 family ROM. This package is used to flash the System ROM on a supported HP ZBook 15/17 G5 Mobile Workstation.

Fix and enhancements:

- Fixes an issue where Secure Erase does not execute properly when the display is changed to a non-English language.
- Fixes an issue where the system resumes from sleep slower than expected when the Video Memory is changed to 512 MB.
- Fixes an issue where the HP Sure start Recovery screen is unexpectedly displayed when Sure Start BIOS Setting Protection is enabled.
- Fixes an issue where HP System Info is launched when F3 or F4+Esc are pressed repeatedly.
- Fixes an issue where the Windows Hotkey function are activated when certain letters (such as Q, W, or E) are pressed after function keys F1 to F5 are pressed continuously.
- Addresses security vulnerabilities CVE-2020-8694, CVE-2020-8695, CVE-2020-8696.
- Addresses security vulnerabilities CVE-2020-8705, CVE-2020-8744, CVE-2020-8745, CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8752, CVE-2020-8753, CVE-2020-8754, CVE-2020-8756, CVE-2020-8757, CVE-2020-8760, CVE-2020-12297, CVE-2020-12303, CVE-2020-12355, CVE-2020-12356.
- Adds public WMI support to get battery information via third party software.
- Improves performance of systems with an NVIDIA Graphic card installed.
- Provides support for the HP Sure Admin feature in the F10 setup interface.
NOTE: After this update is run and HP Sure Admin is enabled, the system will not be compatible with older BIOS versions. Attempts to install older BIOS versions will be blocked.

- Includes the following firmware:
Intel Management Engine, version 12.0.70.1652
Embedded Controller (EC), version 15.47.00
Intel vBIOS, version 9.2.1011
AMD Baffin Pro vBIOS, version BR01205.001
AMD Baffin Pro2 vBIOS, version BR01210.001
AMD Baffin XT vBIOS, version BR01212.001
NVIDIA N18EQ1 vBIOS, version 86.04.A2.00.0D
NVIDIA N18EQ3 vBIOS, version 86.04.A2.00.0E
NVIDIA N18EQ5 vBIOS, version 86.04.A2.00.23
Intel GOP, version 9.0.1075
NVIDIA GOP, version 3000E
USB Type-C PD Firmware, version CCG5_07.10
Intel/Realtek PXE ROM, version 0.1.13
Intel/Realtek UEFI PXE ROM, version I219-LM





The BIOS cannot be downgraded now.

Before updating to the latest 01.14.01 BIOS, my computer could update the BIOS and Intel ME normally, and they could be upgraded or downgraded. When I updated to the latest BIOS this time, the ME could not be updated, and then the BIOS could not be downgraded. I did not bring the firmware programming in China to foreign countries. I don't know if it is caused by the BIOS. Please help analyze, thank you very much.

The CSME firmware seems healthy based on MEInfo. The good thing is that you seem to have an unlocked Flash Descriptor (read/write access to the CSME firmware) so you can follow [Guide] Clean Dumped Intel Engine (CS)ME/(CS)TXE Regions with Data Initialization on your SPI/BIOS dump (fptw64 -d spi.bin) and then flash the cleaned output back (fptw64 -f spi_fix.bin followed by fptw64 -greset). This will verify for sure that the CSME firmware is indeed healthy. Everything else after that is BIOS related. Try a CSME cleanup by following the guide above and report back if the problem persists or not. Also, make sure you are not trying to downgrade to CSME with a lower SVN and/or VCN value, as explained at Intel Management Engine: Drivers, Firmware & System Tools.





D:\WIN64>FPTW64 -F SIP.BIN
Intel (R) Flash Programming Tool Version: 12.0.68.1606
Copyright (C) 2005 - 2020, Intel Corporation. All rights reserved.

Reading HSFSTS register... Flash Descriptor: Valid

--- Flash Devices Found ---
ID:0xEF4019 Size: 32768KB (262144Kb)


Error 167: Protected Range Registers are currently set by BIOS, preventing flash access.
Please contact the target system BIOS vendor for an option to disable
Protected Range Registers.

FPT Operation Failed.

I have cleared the Intel ME data, but unfortunately I cannot rewrite the BIOS using the FPT tool. Maybe I need to use a programmer.


Hello, I have processed OK. The BIOS cannot be written, but I used the command to update the ME successfully, thank you very much.


Do you have a programmer that you can use? If yes, use it to dump the entire SPI image. Otherwise, we can work around the BIOS locks by dumping the CSME firmware only via "fptw64 -me -d csme.bin". The latter does require more steps though. Compress and attach whatever image you end up making to take a look.





THANK YOU VERY MUCH!



H:>dir
驱动器 H 中的卷没有标签。
卷的序列号是 4923-DE5E

H:\ 的目录

2020/12/18 15:14 <DIR> CCTV
2020/10/21 17:48 5,313,628,160 cn_windows_10_business_editions_version_2004_updated_sep_2020_x64_dvd_7134ba4b.iso
2020/10/24 10:13 5,895,442,432 cn_windows_10_business_editions_version_20h2_x64_dvd_f978664f.iso
2020/10/02 13:04 5,424,910,336 cn_windows_10_consumer_editions_version_2004_updated_sep_2020_x64_dvd_049d70ee.iso
2021/01/06 10:58 45 error.log
2021/01/06 15:57 <DIR> HP_BIOS
2019/09/04 06:42 89,576 Idrvdll32e.dll
2019/09/04 06:42 1,769,448 MEInfoWin64.exe
2019/09/04 06:42 124,392 Pmxdll32e.dll
2020/10/24 20:40 <DIR> QQ文件
7 个文件 16,635,964,389 字节
3 个目录 400,025,649,152 可用字节

H:>meinfowin64 -verbose
Intel (R) MEInfo Version: 12.0.40.1433
Copyright (C) 2005 - 2019, Intel Corporation. All rights reserved.

LPC Device Id: A30E.
Platform: Cannonlake Platform

Windows OS Version : 10.0

FW Status Register1: 0x90000255
FW Status Register2: 0x0BF10506
FW Status Register3: 0x00000030
FW Status Register4: 0x00004804
FW Status Register5: 0x00000000
FW Status Register6: 0x00400004
CurrentState: Normal
ManufacturingMode: Enabled
FlashPartition: Valid
OperationalState: CM0 with UMA
InitComplete: Complete
BUPLoadState: Success
ErrorCode: No Error
ModeOfOperation: Normal
SPI Flash Log: Present
Phase: ROM/Preboot
ME File System Corrupted: No
PhaseStatus: UNKNOWN
FPF and ME Config Status: Not committed
FW Capabilities value is 0x51309540
Feature enablement is 0x51309540
Platform type is 0x41000481
Intel(R) Manageability and Security Application code versions:

Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
BIOS Version Q70 Ver. 01.14.01
Table Type 255 ( 0x FF ) found, size of 0 (0x 00 ) bytes
Table Type 0 ( 0x 00 ) found, size of 59 (0x 3B ) bytes
Table Type 1 ( 0x 01 ) found, size of 88 (0x 58 ) bytes
Table Type 2 ( 0x 02 ) found, size of 66 (0x 42 ) bytes
Table Type 3 ( 0x 03 ) found, size of 43 (0x 2B ) bytes
Table Type 13 ( 0x 0D ) found, size of 98 (0x 62 ) bytes
Table Type 16 ( 0x 10 ) found, size of 25 (0x 19 ) bytes
Table Type 19 ( 0x 13 ) found, size of 33 (0x 21 ) bytes
Table Type 221 ( 0x DD ) found, size of 94 (0x 5E ) bytes
Table Type 221 ( 0x DD ) found, size of 354 (0x 162 ) bytes
Table Type 221 ( 0x DD ) found, size of 208 (0x D0 ) bytes
Table Type 221 ( 0x DD ) found, size of 32 (0x 20 ) bytes
Table Type 7 ( 0x 07 ) found, size of 37 (0x 25 ) bytes
Table Type 4 ( 0x 04 ) found, size of 185 (0x B9 ) bytes
Table Type 8 ( 0x 08 ) found, size of 26 (0x 1A ) bytes
Table Type 9 ( 0x 09 ) found, size of 25 (0x 19 ) bytes
Table Type 41 ( 0x 29 ) found, size of 24 (0x 18 ) bytes
MEBx Version 12.0.0.0010
GbE Version 0.4
Descriptor Version 1.0
Vendor ID 8086
FW Version 12.0.71.1681 H Corporate
LMS Version 2036.15.0.1832
MEI Driver Version 2031.15.0.1743
Wireless Hardware Version Not Available
Wireless Driver Version Not Available

PMC FW Version 300.2.11.1025
OEM FW Version 3.1.0.3524
ISHC FW Version 5.0.100.3618
LOCL FW Version 12.0.71.1681
WCOD FW Version 12.0.71.1681

PCH Information
PCH Version 10
PCH Device ID A30E
PCH Step Data B1
PCH SKU Type Production QS
PCH Replacement Counter 0
PCH Replacement State Disabled
PCH Unlocked State Disabled

FW Capabilities 0x51309540

Protect Audio Video Path - PRESENT/ENABLED
Intel(R) Dynamic Application Loader - PRESENT/ENABLED
Service Advertisement & Discovery - PRESENT/ENABLED
Intel(R) Platform Trust Technology - NOT PRESENT
Persistent RTC and Memory - PRESENT/ENABLED


AMT Global State Enabled
Capability Licensing Service Enabled
Discrete vPro NIC Enabled Disabled
Discrete vPro NIC on board SMBus address 0x49
End of Manufacturing Enable No
Local FWUpdate Enabled
OEM ID 00000000-0000-0000-0000-000000000000
Integrated Sensor Hub Initial Power State Enabled
Intel(R) PTT Supported No
Intel(R) PTT initial power-up state Disabled
OEM Tag 0x00
PAVP Supported Yes
Post Manufacturing NVAR Config Enabled Yes
Privacy/Security Level Default
TLS Enabled

FW Type Production
Intel(R) AMT State Disabled
Last ME reset reason Unknown
BIOS Config Lock Enabled
GbE Config Lock Enabled
Host Read Access to ME Enabled
Host Write Access to ME Enabled
Host Read Access to EC Disabled
Host Write Access to EC Disabled
Protected Range Register Base #0 0x1CD8
Protected Range Register Limit #0 0x1FFF
Protected Range Register Base #1 0x0
Protected Range Register Limit #1 0x0
Protected Range Register Base #2 0x0
Protected Range Register Limit #2 0x0
Protected Range Register Base #3 0x0
Protected Range Register Limit #3 0x0
Protected Range Register Base #4 0x0
Protected Range Register Limit #4 0x0
SPI Flash ID 1 EF4019
SPI Flash ID 2 Not Available
BIOS boot State Post Boot
Link Status Link Up
System UUID 00000000-0000-0000-0000-000000000000
Configuration State Not Started
Provisioning Mode PKI
Slot 1 Board Manufacturer 0x00000000
Slot 2 System Assembler 0x00000000
Slot 3 Reserved 0x00000000
M3 Autotest Disabled
C-link Status Enabled
Localized Language English
EPID Group ID 0x28AF
Keybox Not Provisioned
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 10
Trusted Computing Base SVN 1
Re-key needed False
HW Binding Disabled
Intel(R) SMLink0b MCTP Address 0x00


FPF UEP ME FW
*In Use
--- --- -----
Enforcement Policy Not set 0x00 0x00
EK Revoke State Not set Not Revoked Not Revoked # Not Revoked=0, Revoked=1
PTT Not set Disabled Disabled # Disabled=0, Enabled=1
OEM ID Not set 0x00 0x00
OEM Key Manifest Present Not set Present Present # Not Present=0, Present=1
OEM Platform ID Not set 0x00 0x00
OEM Secure Boot Policy Not set 0x444 0x444
CPU Debugging Not set Enabled Enabled # Enabled=0, Disabled=1
BSP Initialization Not set Disabled Disabled # Enabled=0, Disabled=1
Protect BIOS Environment Not set Disabled Disabled # Disabled=0, Enabled=1
Measured Boot Not set Disabled Disabled # Disabled=0, Enabled=1
Verified Boot Not set Disabled Disabled # Disabled=0, Enabled=1
Key Manifest ID Not set 0x01 0x01
Persistent PRTC Backup Power Not set Enabled Enabled # Enabled=0, Disabled=1
RPMB Migration Done Not set Disabled Disabled # Disabled=0, Enabled=1
SOC Config Lock Not set Not Done Not Done # Not Done=0, Done=1
SPI Boot Source Not set Enabled Enabled # Enabled=0, Disabled=1
TXT Supported Not set Disabled Disabled # Disabled=0, Enabled=1

ACM SVN FPF Not set
BSMM SVN FPF Not set
KM SVN FPF Not set
OEM Public Key Hash FPF Not set
OEM Public Key Hash UEP CF61769095C06745AFC0FC42615431FDF9DC7C324EB3B787011766DBFEE56E1F
OEM Public Key Hash ME FW CF61769095C06745AFC0FC42615431FDF9DC7C324EB3B787011766DBFEE56E1F
PTT Lockout Override Counter FPF Not set
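
The two `MEInfo -verbose` dumps in this thread differ in several provisioning fields, and the earlier reply asks for the anti-rollback SVN to be checked before flashing. The following is an added example, not code from the thread or from Intel's tools: it compares a handful of fields from two captures and flags manufacturing mode, a missing End of Manufacturing, and an SVN that would go backwards. The `WATCH` list and the wording of the findings are assumptions; the sample lines are excerpts of the two dumps above.

```python
# Fields compared across two `MEInfo -verbose` captures (selection is an assumption).
WATCH = (
    "ManufacturingMode:", "End of Manufacturing Enable", "FW Version",
    "Minimum Allowed Anti Rollback SVN", "Image Anti Rollback SVN",
    "OEM ID", "Slot 1 Board Manufacturer",
)

# Excerpts of the first and second dump in this thread.
BEFORE = """\
ManufacturingMode: Disabled
FW Version 12.0.35.1427 H Corporate
End of Manufacturing Enable Yes
OEM ID 4C656E6F-766F-0000-0000-000000000000
Slot 1 Board Manufacturer 0x000017AA
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 5
"""
AFTER = """\
ManufacturingMode: Enabled
FW Version 12.0.71.1681 H Corporate
End of Manufacturing Enable No
OEM ID 00000000-0000-0000-0000-000000000000
Slot 1 Board Manufacturer 0x00000000
Minimum Allowed Anti Rollback SVN 1
Image Anti Rollback SVN 10
"""

def extract(text):
    """Pull the watched fields out of MEInfo text; first match per field wins."""
    fields = {}
    for line in map(str.strip, text.splitlines()):
        for key in WATCH:
            if line.startswith(key):
                fields.setdefault(key.rstrip(":"), line[len(key):].strip())
    return fields

def review(before, after):
    """Return (changed fields, findings) for the 'after' capture."""
    old, new = extract(before), extract(after)
    changed = {k: (old.get(k), v) for k, v in new.items() if old.get(k) != v}
    findings = []
    if new.get("ManufacturingMode") == "Enabled":
        findings.append("ME reports manufacturing mode enabled")
    if new.get("End of Manufacturing Enable") == "No":
        findings.append("End of Manufacturing has not been applied")
    svn_old = int(old.get("Image Anti Rollback SVN", 0))
    svn_new = int(new.get("Image Anti Rollback SVN", 0))
    floor = int(new.get("Minimum Allowed Anti Rollback SVN", 0))
    if svn_new < max(svn_old, floor):
        findings.append("image SVN %d is below %d" % (svn_new, max(svn_old, floor)))
    return changed, findings

if __name__ == "__main__":
    changed, findings = review(BEFORE, AFTER)
    for name, (was, now) in changed.items():
        print("%-34s %s -> %s" % (name, was, now))
    for item in findings:
        print("CHECK:", item)
```
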

Ok, you’re doing things on your own. What did you flash exactly via “fptw64 -me”? You may have bricked the system depending on your answer, don’t reboot.

I successfully wrote 16MB of Intel ME through the fptw64.exe -f spi.bin -me command, and used the command to restart. It was a great experience. I was also very worried that the bricks could not be turned on, but luckily it started. It was a happy night. Thank you very much for your help.

Umm sure, don’t know what you flashed but if it boots then it must have been a CSE Region. Or maybe some sort of HP Recovery procedure avoided the brick. Anyway, enjoy your repaired system I guess.



I backed up the dumped BIOS, and then used the FIT tool provided by the forum to replace the csme area with the latest version upgraded by the forum, and then output the 32MB BIOS produced. The BIOS area has not been changed, but the CSME area is cleared and restored to the version provided by the forum. So this protects my computer from restarting.

Oh so you did manage to get a full 32MB dump (FD + CSME + BIOS) and cleaned that. Then ok, no problem.




Hello, I also want to ask a question. Can you tell me where the csme/bios/FD part of the BIOS program provided by HP is located in winhex? I only know that the BIOS is in (0x220-0x1000220), but I don’t know the CSME location area at the factory. I want to know their layout, and I need your guidance. Thank you.

(0x000-0x220) Is this area vBIOS? If I want to extract the BIOS from the BIOS, and which area is it, I really want to learn this knowledge, but there is no teacher.

https://mega.nz/file/Zf5C0KZK#34_7_qTolc…Q0HxyHhvag4Xmrs SPI.bin

https://h30318.www3.hp.com/pub/softpaq/s…00/sp110685.exe HP new 01.14.01 BIOS

Use UEFITool to understand the basic Intel SPI/BIOS image layout. Any BIOS related questions can be posted at the appropriate sub-forum and if someone is able to help you, they’ll do so there.
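
A minimal reader for the Intel flash descriptor that the layout question above is about, added here as an example and not taken from the thread, UEFITool or any Intel tool. The sample descriptor and its region layout are constructed, and the PRR fields printed by MEInfo are assumed to be in 4 KiB units; with that layout the protected range covers only the BIOS region, which is consistent with a full-image write being refused (Error 167) while an ME-only write went through.

```python
import struct

FD_SIGNATURE = 0x0FF0A55A  # Intel flash descriptor magic at offset 0x10
REGION_NAMES = {0: "FD", 1: "BIOS", 2: "ME", 3: "GbE", 4: "PDR", 8: "EC"}
UNUSED = 0x00007FFF        # base > limit marks a region as not present

def parse_regions(image):
    """Return {name: (first_byte, last_byte)} for each region in use."""
    if len(image) < 0x1000:
        raise ValueError("image is smaller than one 4 KiB descriptor")
    sig, flmap0 = struct.unpack_from("<II", image, 0x10)
    if sig != FD_SIGNATURE:
        raise ValueError("no flash descriptor signature at 0x10")
    frba = ((flmap0 >> 16) & 0xFF) << 4  # start of the FLREGn array
    regions = {}
    for idx, name in REGION_NAMES.items():
        (reg,) = struct.unpack_from("<I", image, frba + 4 * idx)
        base = (reg & 0x7FFF) << 12
        limit = (((reg >> 16) & 0x7FFF) << 12) | 0xFFF
        if base <= limit:
            regions[name] = (base, limit)
    return regions

def prr_range(base_field, limit_field):
    """Convert MEInfo's PRR base/limit fields (assumed 4 KiB units) to bytes."""
    if base_field == 0 and limit_field == 0:
        return None  # register not programmed
    return (base_field << 12, (limit_field << 12) | 0xFFF)

def write_blocked(regions, prrs):
    """Names of regions that overlap any programmed protected range."""
    active = [p for p in prrs if p]
    return [name for name, (lo, hi) in regions.items()
            if any(p_lo <= hi and lo <= p_hi for p_lo, p_hi in active)]

def build_sample_image():
    """Constructed 4 KiB descriptor for a 32 MB part; layout is an assumption."""
    layout = {0: (0x0, 0xFFF), 3: (0x1000, 0x2FFF),
              2: (0x3000, 0xFFFFFF), 1: (0x1000000, 0x1FFFFFF)}
    img = bytearray(b"\xff" * 0x1000)
    struct.pack_into("<II", img, 0x10, FD_SIGNATURE, 0x04 << 16)  # FRBA = 0x40
    for idx in REGION_NAMES:
        if idx in layout:
            lo, hi = layout[idx]
            reg = ((hi >> 12) << 16) | (lo >> 12)
        else:
            reg = UNUSED
        struct.pack_into("<I", img, 0x40 + 4 * idx, reg)
    return bytes(img)

# PRR #0..#4 as printed in the MEInfo dumps on this page.
PRRS = [prr_range(0x1CD8, 0x1FFF)] + [prr_range(0, 0)] * 4

if __name__ == "__main__":
    regions = parse_regions(build_sample_image())
    for name, (lo, hi) in regions.items():
        print(f"{name:5s} {lo:#010x}-{hi:#010x}")
    print("blocked by PRR:", write_blocked(regions, PRRS))
```
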