Intel (Converged Security) Management Engine: Drivers, Firmware and Tools (2-15)

Flash the attached file back. Afterwards you should boot into DOS (if not Windows) and use Flash Programming Tool with command fpt -greset to reset the ME state now that it’s SPI firmware is reflashed.

backups_me.rar (3.78 MB)

Intel Management Engine (ME) Firmware Version 11.0.10.1002 (S&H)(1.5Mo) is out …on SD…

Intel ME 11.0 Consumer PCH-H Firmware v11.0.10.1002

Capture.PNG



Note: Version Control Number (VCN) was increased to 13. No downgrade via FWUpdate possible after updating.

Thanks to Intel for the new firmware. Also thanks to SD/Pacman and ex58 for letting me know.

Question; what do the "type" and "Rev" mean on this output? The first entry is my current file just from ASUS and of course the second entry this latest. Do I need to save anything ASUS specific or…?


C:\Users\error-id10t\Desktop\ME Analyzer v1.4.13>mea back.bin

-------[ ME Analyzer v1.4.13 ]-------
Database r48

File: back.bin

Firmware: Intel ME
Version: 11.0.0.1178
Release: Production
Type: Update
SKU: Consumer H
Rev: D0
VCN: 7
Date: 12/09/2015
Platform: SKL-SPT
Latest: No


C:\Users\error-id10t\Desktop\ME Analyzer v1.4.13>mea 11.0.10.1002_CON_H_XX_PRD_RGN.bin

-------[ ME Analyzer v1.4.13 ]-------
Database r48

File: 11.0.10.1002_CON_H_XX_PRD_RGN.bin

Firmware: Intel ME
Version: 11.0.10.1002
Release: Production
Type: Region, Stock
SKU: Consumer H
VCN: 13
Date: 04/03/2016
Platform: SKL-SPT
Latest: Yes


C:\Users\error-id10t\Desktop\ME Analyzer v1.4.13>

ReUpload Intel ME 9.1 Consumer 1.5MB Firmware v9.1.37.1002 (EXTR → RGN)

Capture.PNG



Thanks to Sylar76 for the clean/RGN latest 9.1 firmware.

@ error-id10t:

As seen at the Repository thread: The Type of each firmware can be Stock Region (RGN), Extracted Region (EXTR) or Update (UPD). RGN are provided by Intel, EXTR by SPI/BIOS images and UPD by Intel or FWUpdate.

Rev stands for Revision and it’s the stepping of the PCH. Pretty much every publicly released (Production) PCH is at stepping D0 for PCH-H and C0 for PCH-LP. At MEA it’s only mentioned when I know it’s value due to the filename of the firmware, a changelog or similar. Unless Intel has released a new PCH stepping (very unlikely), it should still be D0 and C0 for H and LP respectively.

If you use FWUpdate, you don’t need to change any settings as it uses Update (UPD) images and not the full Region (RGN or EXTR).

Thanks very much, decided to flash and all is well.

Well, I’m modding an m17xR4 bios (a13). I’ve been able to update ALL the modules that could be updated. Intel RST (UEFI & Legacy), LAN / PXE Firmware, GOP drivers, GOP Policy, etc… I’ve also brought Legacy Support, POSSIBLY, into this firmware, too. However, I’ve run into a small issue. The bios that I’ve modded is the full 8mb (Intel ME and Bios). He is already running the A13 stock bios through dell, so this modded A13 STOCK that I have shouldn’t be an issue if he flashes. HOWEVER, I’m wanting to strip out the ME in order to be able to allow people to flash this AFTER they have flashed the stock a13 dell bios, of course. But, if that person has updated their ME, by doing a manual update, etc… would they still, in theory, be able to flash the bios mod? (Again, assuming it’s JUST the bios, not ME firmware included).

ALSO… Do you know how to strip away the ME firmware from a bios? I know the ME Firmware, in the insyde BIOS, starts where the text “krid” is. However, do I just use “FF” to strike out the entire area of the ME info, or is there another way? Do I delete that entire area in the bios file? Just thought I’d ask…

Thanks in advance!
Swick

How are people flashing this mod? With FPT I presume? Hopefully not the full 8MB SPI because they would then lose system-specific settings found at the BIOS. Flashing the full 8MB SPI image would require an unlocked flash descriptor either way otherwise the FD and ME would be left untouched.

Since Dell provides at their latest (A13) BIOS a configured (EXTR) ME region, you can leave it as it is (even with FPT flashing) or update the modded 8MB SPI region with an updated+configured (with FITC, transfer all settings to latest version) ME region.

Capture.PNG



Again, all of these depend on a) what flasher you use and b) whether the FD is unlocked or can be unlocked via a jumper etc. Generally, if you want to remove just the ME Region from the full 8MB SPI image, all you have to do is open it with FITC and Right Click > Disable the ME Region. It will change the FD to reflect that and fill the empty space with padding. Obviously don’t do it manually by slashing away bytes without fixing the Flash Descriptor’s offsets. The ME Region starts at the $FPT header (20 20 80 etc). It’s best to use UEFITool to extract and replace it if you don’t know where it begins and ends exactly. Always make sure the size is the same of course.

I was wondering, what is the point in updating the ME region of the bios when the ME doesn’t affect the behavior of the PC in any way? it’s not like having new more efficient drivers or something, this is just a low level rootkit, am I wrong?

Regarding the first statement, you are wrong. I am not saying that updating the ME firmware is as important as other system components which might yield more visual performance improvements, but saying it’s useless is very wrong, especially since Intel has deeply integrated into their post-PCH architecture.

Whether it’s a rootkit, and I assume you mean a malevolent one, is certainly your opinion. This thread is not about ME security or whether Intel is spying on it’s users. It’s about maintenance, that’s all.

So you are saying the features in the doc you linked are not present in prior versions of ME ? I saw that some vendors do release ME updates when they are needed, if there’s no update and the PC is working it won’t make any difference if you upgrade the ME region, and probably even if it’s not working as I doubt there could be any issue related to ME if it stays untouched.
As for the rootkit part, I am not implying it’s malevolent or that Intel is spying anyone, it’s just what it is, http://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub .

Hello to All. I want to update intel me fw on MSI notebook GS60 6QE. Here is link for hw configuration https://us.msi.com/Notebook/GS60-Ghost-P…l#hero-overview
As I understood flashing me fw with FWUpdate more safely method. I don’t want any mods - just update fw. Is flashing safely procedure and don’t any harm to my machine? Thank you for reply

Analizer.jpg

2016-04-22_160840.jpg

.

@ AGabi:

Yes, correct firmware. Thank you for using ME Analyzer. You can go ahead using FWUpdate for the CON H SKU.

I have an Error 8719 when flashing dumping me file ver. 1180 from MSI BIOS

Tried DOS mode - same result Error 8719(

2016-04-23_123234.jpg

@AGabi
Use this method: [Guide] Clean the ME/TXE Initialized DATA section of a SPI image dump
I use that method to get the latest ME firmware on my Gigabyte Z170 Motherboard. I get the same error as you and used that method to fix it.

Intel MEI Driver v11.0.5.1189 INF for manual installation

Thanks to Pacman/SD for the updated driver.


As I an understanding this method for clearing dumping file. But my file was dump from clean BIOS file from OEM site, it never used. Now I tried latest version file from the forum tread and had same result(

@ AGabi:

That’s a BIOS issue and needs to be resolved by MSI. Make sure you have the latest BIOS applied and if that doesn’t solve it you should contact them.

Intel ME 11.0 Corporate PCH-H Firmware v11.0.10.1002

Capture.PNG



Note: Version Control Number (VCN) was increased to 13. No downgrade via FWUpdate possible after updating.

MEA: 11.0.10.1002_COR_H_XX_PRD_RGN_2AD5D1229BB4269B6243E2B98689023790CBCA7E_SHA1

Thanks to Lenovo for the new firmware!

What exactly can the 1.5MB version of Intel Management Engine do? I have computers with i219v and i218v network adapters. Unlike my workstations with 5MB AMT version I cannot find a manual online of what Intel’s consumer ME is capable of and how to control computers remotely with it. Are there utilities to remotely do things to computers with 218V/219V networking? I cannot believe there is 1.5MB worth of firmware and I am having such a tough time to figure out what it does and how to use its capabilities.