Intel (Converged Security) Management Engine: Drivers, Firmware and Tools (2-15)


Oops… Sorry

Which firmware is correct for ASUS Z170-A? PCH-H or PCH-LP?

thanks

Hi @plutomaniac ,

Thanks for your quick reply.

I’ve run fptw64 -greset, which succeeded, and then rebooted my PC straight into FreeDOS and ran MEInfo with the following output:

https://i.imgur.com/2W00Kyb.jpg

I’m still seeing “Error sending end of post message to ME: HECI disabled, proceeding with boot” every time I POST - is this HECI being disabled somehow relevant? I’ve had a look through my BIOS and motherboard’s manual and can’t find any mention of enabling/disabling HECI or ME or anything.

Many thanks,
Dan

Dear Mr. Mavropoulos @plutomaniac ,

I’m using an hp 250 G4 laptop, with a 5th generation Intel(R) Core™ i5-5200U CPU. The system is running on Consumer/1.5M image.

For my system:
1. The Intel MEInfo tool reports:

Intel(R) MEInfo Version: 10.0.56.3002

GBE Region does not exist.

Intel(R) ME code versions:
BIOS Version: F.23
MEBx Version: Not available
Gbe Version: Unknown
VendorID: 8086
PCH Version: 3
FW Version: 10.0.45.1024 LP
LMS Version: Not Available
MEI Driver Version: 11.7.0.1045
Wireless Hardware Version: Not Available
Wireless Driver Version: Not Available

2. The Intel-SA-00086 Detection Tool 1.0.0.152 finds the system NOT vulnerable.

For this HP 250 G4 Notebook PC, on Dec 14, 2017, hp issued an Intel Platform ME Firmware Update (sp84244) designating it as "Critical" - https://support.hp.com/us-en/drivers/sel…mId/ob-202855-1

I downloaded and extracted (without installing anything) the softpaq. Not being an expert, it seems that it includes 3 FW files. Checked them with ME Analyzer v1.42.0 and found that the FW included in the softpaq are:

CSE ME family
11.11.50.1422 / Consumer H,
11.8.50.3425 / Consumer LP
11.8.50.3425 / Consumer H

Having in mind that hp in general are relatively cautious with their updates, how come they are now recommending a CSE ME firmware update for an ME 10.0.45.1024 LP?
Will it fail when I try to install it, or will it brick my PC? So before turning my laptop into a brick, would it be possible to get your expert opinion on whether I need to install this update?


Thanks in advance.

Dimitri

@ GLaDOSDan:

The CSME firmware is healthy but its settings (ME File System) are corrupted, as reported by MEInfo. You’ll need to reflash the SPI/BIOS chip to fix that. Does your board have a removable SPI chip or is it soldered? Do you have a programmer? Are you able to run “fptw -me -d me.bin” or do you see a CPU access error? If you follow these steps but at step 3 run “setup_var 0x6ED 0x01” instead, are you able to successfully run “fptw -me -d me.bin” now?

@ ddelo:

You cannot use CSME 11 on a system with ME 10 firmware. That update does not concern your system.



Thanks a lot for your prompt response. That’s exactly what I thought too. Strange though for hp, to recommend updating the ME 10 system with a CSME FW!
Take care!

@plutomaniac

Thanks again for your advice. “fptw -me -d me.bin” ran successfully the first time without needing to boot into the EFI environment: https://i.imgur.com/oBUKMlQ.png

@ GLaDOSDan:

I doubt you’re that lucky as ASUS tends to lock access to the Engine region nowadays. Run MEInfo -verbose under DOS or EFI (MEInfo -verbose > meinfo.txt), then compress & attach the result. I suspect you can Read but not Write to the Engine region so, in such case, you’ll need to try the other methods as explained above.

@plutomaniac

Sorry for the delay in getting back to you on this. Here’s meinfo -verbose when run under FreeDOS.

https://pastebin.com/sQtFjyzq

Cheers.

The log doesn’t help because the firmware is not reporting back its read/write status due to corrupted MFS. Let’s test it manually. Dump the CSME region (fptw -me -d me.bin) and then try to flash it back (fptw -me -f me.bin). Does it work? If not (cpu access error), you’ll need to try the other methods mentioned above.

@plutomaniac

As you predicted, I get “Error 451: The host CPU does not have write access to the target flash area. To enable write access for this operation you must modify the descriptor settings to give host access to this region.
FPT Operation Failed.” when trying to flash me.bin back. I’m heading off to work now, but I’ll give your EFI method a go later tonight/tomorrow and let you know how that goes.

Thanks again for your help with this, it’s very much appreciated.

Hi again @plutomaniac

Booted into the EFI/grub shell provided in your earlier post and ran “setup_var 0x6ED 0x01”. The command seems to have run okay; “setting offset 0x6ed to 0x01” was the last line of output from the command (after a few errors complaining about non-matching GUIDs, if that’s relevant?).

My system then refused to boot no matter what I did - the fans would spin up, but I’d get no video even from the onboard video card. After putting the latest BIOS onto a flash drive and using the BIOS flashback button on the board, that got me back into the BIOS and I was able to boot back into Windows once again. I was still getting the “HECI disabled” errors on POST.

I’m now still getting 'Error 451: Host CPU does not have write access to the target flash area.'

Out of frustration when my board wouldn’t POST at all after running the setup_var command, I decided to contact Amazon and they’ve agreed to send me a replacement board, so I guess this is the end of this saga.

Many thanks for your help, @plutomaniac - it’s been much appreciated.



------------------------------------
Just as a follow up to all of this - I figured before I go and swap out my motherboard I’d try re-seating my RAM one DIMM at a time. Turns out I have one faulty DIMM. The system wouldn’t POST at all with just the faulty DIMM. Removing the faulty DIMM now gets rid of the HECI disabled error and allows me to update the Management Engine as expected.


I was fed up with particularly (by FWUpdLcl64.exe) updated ME being downgraded again after BIOS flashing. So I took the risk and updated the ME region in the BIOS file following virtualfred’s guide.
Everything went flawlessly: Gigabyte Z77, new ME version 8.1.70.1590.
So what’s wrong with that guide? Is it applicable to older platforms only?


Many things are wrong with it (old version, wrong assumptions, redundant steps etc), there is no point in explaining in detail. Follow the CleanUp Guide to do what you want.

Should I bother trying to update v11.8.50.3425 to v11.8.50.3426?

Also, is it as easy as replacing the .bin that’s with the Intel ME Update Tool_ME118H download from MSI?

(done it before in the firmware thanks to help from here, just wondering if they were derp enough to let the updater work with newer versions)

I think I accidentally used FPT with the wrong parameter (I think I used: fpt -i me.bin) trying to revert Intel ME 9.1 to 9.0 firmware using the FDO jumper on the motherboard (to unlock the flash descriptor). The system is unable to boot, fans are running, but no POST screen or whatsoever.

Does anyone know how to recover the BIOS? Do I need to program the EEPROM?

The FDO jumper is not documented very well, the only relevant info I could find was:

@ Net7:

It is as easy as using FWUpdate tool, as explained at the first post. OEM “updaters” are just pretty-looking FWUpdate wrappers.

@ RvdH:

Honestly, if you think you used the wrong parameter then you don’t take SPI flashing seriously, which is the fastest way to end up with a brick. FPT is a very dangerous tool when used carelessly. Parameter “-i” does not do flashing, only shows info, so that’s not what you used. You haven’t explained what “me.bin” is but I’ll assume that it is an Engine firmware region only (not full SPI/BIOS with FD). I’ll also assume that you used parameter “-f” so you basically flashed an Engine region at the entire SPI chip. Another assumption is that you ignored the warning given by FPT that the size of the firmware to be written is smaller/different than the SPI chip’s. If I’m right then yes, obviously that led to a brick-fest and yes, you’ll need to use an external programmer to re-write the entire SPI chip.
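
Added example (not part of the original thread and not code from any poster or from Intel's tools): a pre-flash sanity check for the mistake described above, telling an Engine-region-only file apart from a full SPI image and comparing its size with the chip before a whole-chip or Engine-region write. The function names, the tiny sample images and the chip size are constructed for illustration; the markers checked are the Intel flash descriptor signature 0x0FF0A55A and the Engine region's $FPT header.

```python
FD_SIGNATURE = bytes.fromhex("5aa5f00f")  # 0x0FF0A55A as stored little-endian
FPT_MARKER = b"$FPT"                      # start of the Engine region's partition table


def classify_image(data: bytes) -> str:
    """Classify a firmware file as 'full-spi', 'engine-region' or 'unknown'."""
    # Both markers normally sit at offset 0x10; some images carry them at offset 0.
    heads = (data[0x10:0x14], data[0:4])
    if FD_SIGNATURE in heads:
        return "full-spi"
    if FPT_MARKER in heads:
        return "engine-region"
    return "unknown"


def preflight(data: bytes, chip_size: int, target: str) -> list:
    """Return reasons not to flash; an empty list means the checks passed.

    target is 'full' for a whole-chip write (fpt -f) or 'me' for an
    Engine-region write (fpt -me -f), the two cases discussed in the thread.
    """
    kind = classify_image(data)
    problems = []
    if target == "full":
        if kind != "full-spi":
            problems.append(f"whole-chip write needs a flash descriptor, file is {kind}")
        if len(data) != chip_size:
            problems.append(f"file is {len(data)} bytes, chip is {chip_size} bytes")
    elif target == "me":
        if kind != "engine-region":
            problems.append(f"Engine write needs an Engine region image, file is {kind}")
        if len(data) >= chip_size:
            problems.append("Engine region cannot be as large as the whole chip")
    else:
        problems.append(f"unknown target {target!r}")
    return problems


# Constructed sample images (tiny stand-ins, not real firmware).
CHIP_SIZE = 0x4000
ME_ONLY = bytes(16) + FPT_MARKER + bytes(0x1000 - 20)
FULL_SPI = bytes(16) + FD_SIGNATURE + bytes(CHIP_SIZE - 20)

if __name__ == "__main__":
    for name, img, tgt in (("me.bin", ME_ONLY, "full"), ("me.bin", ME_ONLY, "me"),
                           ("full.bin", FULL_SPI, "full")):
        print(name, tgt, preflight(img, CHIP_SIZE, tgt) or "ok")
```
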

@plutomaniac

Yeah, I know I f**ked up big time, I should have come here to ask for advice first

I ordered both the black and green CH341A-based programmers on ebay, should arrive here any day now
The motherboard has a ROM_RECOVERY header, so I am going to try (this method) to restore the bios using the CH341A

I hear the green version supplies proper voltage so I would start with that first.


Yeah, only if I had just 7(6 used for recovery) pins, my board has 2 additional pins above GND and SPI_CLK as displayed on that other topic…don’t know what these are for!?

Or could these be just to store/place the jumper removed from SPI_CS# pins?