[Guide] Howto Unlock/Flash an Insyde H2O UEFI BIOS

The ZIP won’t work. You did let me know.
The thing is that menu tables and executable part are placed in the same DXE driver. We got to find out how to unload the executable part and load it again when patched to make things to work.

Also, the Unlocker is a semi-permanent solution. It means that you can relock access to advanced BIOS.
Using this EFI application.
https://winraid.level1techs.com/uploads/short-url/fW7YQn0gkWIzMpvM93aLXojlYVs.zip

Well, I used the patch oncee, and saw that the Advanced tab was there. How would I be able to relock the things the unlocker unlocked? I just want some settings to keep while they are hidden again. It looks like it only shows sometimes or something with the EFI application patch…

Press F3 to lock.

If possible I wold like to unlock it temporarily using a patch on a USB drive, or make that F3 shortcut a permanent one to toggle between unlock/lock.

I don’t think it is possible. We can’t recompile the BIOS at this level without having source code.
And runtime patching way is a dead end.

I used the EFI app. Both unlocking and relocking works. I set the CPU mode from Non-Turbo Performance to Turbo performance, which should give a little boost.

Would there be a way I can use H2OUVE to change some BIOS information? I also have an option to disable the flash protection registers, but don’t know whether it gives more negative effects than positive effects, and even stays off then.

I don’t know. Lenovo laptops use different technology to store serial data. BIOS version can be changed.

This option and “BIOS Lock” option controls whether it is allowed to flash BIOS without HW programming tools.

I also managed to enable Modern Standby, a.k.a. (ACPI S0 Low Power Idle). It is the newest mode for a sleep state, which is nice. Weird they did not enable that at default.

I MANAGED TO DISABLE THEM, AND STAY DISABLED. But now, I want to use the H2OSDE tool to change the baseboard priduct name. I managed to run it and it indeed sahs that it is INVALID. But when I try to change the value, it says function not supported. Can you give me instructions how to get to change them? Atleast H20SDE is a tool that would allow me to change what I was searching for, but I need to get it to work first.

@Sweet_Kitten would you know how I would be able to make the POST and BIOS display on an external display by any luck with any of the unlocked advanced settings (with HDMI)? It might be handy for if my screen breaks in the future.

I think this is not possible. HDMI is connected to dGPU. dGPU does not work in POST and BIOS.

Hmmmm. But why does HDMI use the only GPU (the iGPU) when I boot in the OS then?

Then I was wrong. For HDMI in my laptop it is different.

Late to the party but I’m playing with an embedded AMD x86 system with a locked down Insyde BIOS Rev. 5.0 that only presents BIOS version, memory, date and time in the setup utility. It has an embedded flash chip that it will only boot from. It will recognize a bootable USB device but presents the error ‘has been blocked by the current security policy’, so I assumed secure boot is enabled.

I’ve dumped the winbond 25Q64FWS1Q flash chip successfully to a .bin file and have been playing with the H20EZE setup editor to try and change the boot type from UEFI to legacy boot, which I understand will bypass secure boot. I’ve exported what I thought was the saved .bin and re-flashed this to a NEW 25Q64FWS1G (note G not Q) chip as the original chip would not let me write it.

This modified flash chip would not boot. I burned the original file to another new 25Q64FWS1G chip and that works.

Could somebody point me towards what I need to do to either disable secure boot or set the boot type to legacy so I can get it to boot from another device?

Thanks!

@siegretawn look here How to Mod Lenovo Ideapad 320-17IKB type 80XM BIOS (InsydeH2O) - #2 by Gik2

Intel (R) Flash Programming Tool. Version: 8.1.60.1561
Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.

Platform: Intel(R) HM77 Express Chipset
Reading HSFSTS register… Flash Descriptor: Valid

--- Flash Devices Found ---
EN25Q32B    ID:0x1C3016    Size: 4096KB (32768Kb)
EN25QH16    ID:0x1C7015    Size: 2048KB (16384Kb)

PDR Region does not exist.
GBE Region does not exist.

Error 28: Protected Range Registers are currently set by BIOS, preventing flash
access.
Please contact the target system BIOS vendor for an option to disable Protected
Range Registers.

vars.zip (33.5 KB)
Please I need help to unlock BIOS update file with expired signature Dell Inspiron 15R SE 7520 bios A14.exe
QCL01A14.zip (3.2 MB)

Didn’t know a signature can expire… Or you mean expired digital sertificate?

Both, I would like to solve!