How would I know which version ME firmware my board has and latest supported diver?
Asus Maxumus IV Gene-Z Z68 chipset. latest 3603 BIOS. Using ME drivers 10.0.39.1003
MEInfo V7 gave me an error.
@ uncletim:
Z68 â 6-series. You can use ME Analyzer on ASUS latest BIOS for your board to figure out all details.
Wrong. Both of you, read the first post carefully.
My mistake I thought he said he had a Maximus VI z87 not z68
The âNotice for INTEL-SA-00086 vulnerabilitiesâ has been revamped completely.
Reminders:
CSME v11.0 - v11.7, v11.10 & v11.20 firmware will be removed and replaced in the near future by v11.8, v11.11 & v11.21 respectively.
Flash Image Tool v11.7 is not compatible with CSME v11.8 PCH-LP firmware. An updated FIT v11.8 needs to be found.
That would have been v9.0 or v9.1 firmware. v10.0 was only for 8-series mobile (PCH-LP) systems. Doesnât matter though, now you know.
Just to help some, I saw from a website that Intel has released a program to test your system for the vulnerability.
https://downloadcenter.intel.com/download/27150
Download the appropriate one, extract the 4 folders. Look in the folder called âDiscoveryTool.GUIâ and then run the âIntel-SA-00086-GHIâ. Pop up will appear, let it run which only takes a bit and then it tells you if you are vulnerable. Ran this on my other system and it was outdated. So ran it after updating and here is what I got
http://i65.tinypic.com/657rb6.jpg
Hope this helps anyone else.
EDIT: More details
Patched my GT73VR jokebook laptop and ME firmware and worked fine.
I have an ASUS FX502VM(L) laptop which comes with Consumer PCH-H firmware v11.0 (I doubt itâll get any further BIOS updates). I successfully flashed to the latest version of v11.0 but Iâd like to get the fixes for the INTEL-SA-00086 vulnerabilities. Should I update to the latest v11.8 or does that risk bricking my system?
@ Ver Greeneyes:
I suggest you ask ASUS for a new BIOS and ME firmware update. Otherwise, the âWarning for all CSME 11 systemsâ found at the first post always apply.
I have a GA-B150M-D3H motherboard that originally had the Intel SAB feature. However, it was removed by gigabyte after the BIOS F21. I was wondering if I could swipe the corporate ME firmware to re-enable this feature?
Alright, thanks for the warning. I havenât had much luck with ASUS support in the past but Iâll see if I can reach someone competent.
@ Neill:
Intel Small Business Advantage (SBA) has been in End-of-Life (EOL) state since November 2016 as can be seen here. Newer versions of CSME firmware do not include or work with it. Maybe you could have it partially work (not sure how dependent it was from Intelâs side of things) by downgrading the CSME firmware (for example F20 had 11.0 whereas F21 11.6) but that is highly non-advisable because newer CSME firmware add support for newer CPUs (which you might be using) and fix various important security and/or stability issues.
Intel MEI v11.7.0.1054 for Consumer systems Drivers & Software (Waiting for SD linkâŚ)
Intel CSME System Tools v11 r5
So I figured I would update ME FW on my Asus Apev VI. It had version 11.10.0.1287. I updated to version 11.11.50.1402. Process went smoothly, all looked to be good, powered down and booted back up. I am still able to access bios and get into windows but I am getting version 0.0.00 in bios for ME FW. I tried to go back to original version but I get an error message telling me ME is in error state. I have tried reflashing bios versions but does not solve issue. Cannot load any ME drivers, they now say not compatible with system. Is there a method to undo my screwup?
probably the best option is to wait until Asus releases a new BIOS with v.11.11.X.XXX ME firmware.
All manufacturers should provide one in the close future.
That they will do it for all affected mainboards, is wishful thinking (unless Intel pays for the extra service).
hence the should instead of will
This is from ASUS site:
MEUpdateTool
Intel has identified security issue that could potentially place impacted platform at risk. Use ME Update tool to update your ME.
*We suggest you update ME Driver to the latest Version 11.7.0.1040 simultaneously.
Isnât better download the 11.8 ME from this site? I thought 11.7 was no longer secure.
You are mixing the Intel ME Firmware and the Intel ME driver versions.
@ Winter17:
Your case falls under the âWarning for all CSME v11â, as seen at the first post. In ASUSâs case, I am starting to believe that, on some motherboards, the CSME firmware is ok after the update but the BIOS may have hardcoded expected CSME firmware versions and thus not allow upgrades (stupid moves by OEMs, every year they become more creative). Unless you have read/write access to the ME region (unlocked Flash Descriptor) or a hardware programmer to reflash the chip, I suggest you try âfptw -gresetâ command via Flash Programming Tool. If that does not help, wait for the new BIOS (it will come) which might start working with your existing updated CSME firmware. If nothing helps, youâll need to get a cheap hardware programmer and fix everything quickly that way.