ME "unlock" and Impact On Modded Bios Flashing - Lenovo Ideapad Y700 15isk (Skylake-H)

I own a Lenovo Ideapad Y700 15isk. The bios is secured and, apparently, unsigned (modded) bioses cannot be flashed; only a SPI programmer is possible. I am trying to circumvent this as I have no access to this tool where I live - Ghana. I have dug around a bit and discovered certain interesting things I want to share with you so that you could offer me your opinion concerning possibilities/options.

My current ME Info Summary is as follows:

Intel ME FW Version: 11.0.0.1202 H
Intel ME Recovery Image Version: 11.0.0.1202
Intel ME FITC Version: 11.0.0.1202

My ultimate goal is to unlock the advanced menu and other hidden features in the ME and then reflash through normal method.

Lenovo has released a good number of bioses, but with an older version 3.5, which was quickly pulled, they also included an upgrade of the ME FW to 11.0.0.1202. I don’t know if it is as a result of this upgrade, but the flashing of this particular 3.5 bios was unusual. I flashed the bios in Windows 10 x64 Pro. The system rebooted 5 times as part of the bios upgrade and process. The phases are as follows:

Phase 1: UAC disabling (registry edit and reboot)
Phase 2: ME “Unlock” (reboot)
Phase 3: Bios FW loading (reboot and flashing)
Phase 4: UAC enabling (registry edit and reboot)
Phase 5: Confirmation of success

During the second cycle, I noticed an eye-popping “ME Unlock” in the sequence of lines displayed in the CMD window. So I unpacked the package and found a number of files with two batch files; “setup.bat,” and “process.bat” among them. The setup.bat initiates the process, as follows:

echo Step 1: tun off UAC
echo y | reg add “HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System” /v EnableLUA /t REG_DWORD /d 0 /f>nul
if %errorlevel%==1 set ERRORMSG=Could not disable UAC && goto ERROR
reg add “HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced” /v “EnableXamlStartMenu” /t REG_DWORD /d “0” /f

@copy /y %Temp%\ThreeFlash\Process.bat %Userprofile%\AppData\Roaming\Microsoft\Windows"Start Menu"\Programs\Startup\Process.bat > nul

Shutdown.exe -r
goto end

On the next boot, process.bat kicks into action with the following line:

echo Step 2: Unlock ME before flash BIOS and EC!
cd %Temp%\ThreeFlash
WinTest.exe C45 D80
WinTest.exe C40 D02

A little something on this;

WinTest.exe C45 D80 unlocks the ME. Even though it says unlock, it seems more like shutdown, I suppose in preparation for the upgrade because after this command is issued the ME is unresponsive to any commands. MEInfo, MEManuf, and FWUpdLcl64 all don’t work. I lose audio after the reboot.

WinTest.exe C40 D02 reboots the system.

After observing this, I replicated the UAC off, reboot, ME unlock, reboot, and dumped my entire bios with the flashing app, H2OFFT-Wx64 using the ‘BackupROM’ flag. I then reversed the process, as detailed in the batch files.

Audio was restored again with a WinTest.exe C45 D81 command, and a system reboot.

My question is, with the “unlocked” ME dumped bios, is it possible that the ME could be in a vulnerable state where its settings could be changed? Since it’s totally unresponsive in a live system, could it be extracted and settings edited to unlock it permanently, injected back and possibly flashed back while the system is rendered receptive again - ie. UAC off, ME unlocked? Is this worth a shot? It appears the ME unlock procedure is only necessary for the upgrade of the ME firmware and so has nothing to do with the secure-flash protection mechanisms of the rest of bios, but I want to believe that the ME itself can offer a backdoor into the castle.

Please advice. I have all the files and would be glad if the geniuses in the community could look into this.

PS: I did manage to upgrade my ME FW to version 11.6, but FITC version still remained 11.0. I’ve since reverted back with a fresh bios update. While on 11.6, I got some errors (yellow text) in MEManuf. Also, I couldn’t downgrade or revert to 11.0 using FWUpdLcl64. Only a bios reflash did the trick.

Thank you.

Here is a MEInfo report of my system:

I would dump the flash descriptor locks before and after using the wintest option with fpt.

If the ME is unlocked and not running: ie no bios menu, no lan activity, then it shouldn’t be remotely vulnerable. From your local machine people would need signed code to infect the ME and they could just write something into your bios anyway.

Yes that shutdown is essential for the Flash Descriptor read/write access to the ME to be unlocked and thus allow whole SPI image dumping and/or reflashing. It shuts down and at the next power on the BIOS sends a special message to ME during POST in order to temporarily (until next reboot) unlock access to its firmware for servicing. When the ME is in this recovery mode, all tools that rely on the MEI driver do not work, so that includes MEInfo, MEManuf and FWUpdate from the common ones.

Yes and no. The ME is both an "operational" (power management, fan control, silicon workaround etc - check the intro of the ME thread) and security engine (IPT, BootGuard etc). From a security standpoint, the ME does not rely at the Flash Descriptor lock (locked ME read/write access) to keep itself protected. It will not execute any nefarious code but enter recovery mode if it detects alterations, corruption etc. Also changing it’s settings at the SPI flash firmware is not very feasible without breaking checksums, causing corruption etc. Those configuration settings stored there are not sensitive data either way. Bottom line is this: leaving the FD unlocked allows easy repairing/reflashing/upgrading/modding etc of the ME via software tools such as Flash Programming Tool (FPT), flashrom etc. Generally though, as per Intel recommendation/instruction, the FD should be kept locked to prevent unwanted modifications of the locked SPI partitions, meaning FD and ME. It’s usually a good way to prevent BIOS flashers/updaters etc from accidentally deleting the ME firmware by accident and thus causing a brick or similar.

If you want you can unlock the FD by changing some bytes in order to not require that Lenovo tool to unlock it every time. In your case, since you now have a tool which can unlock the FD whenever you need, you can keep it locked and only do otherwise when you want to repair/upgrade etc.

Yes, the main reason for unlocking the FD is to service the locked/"protected" regions of the SPI chip, meaning FD and ME. Any BIOS-specific locks (protected ranges etc) are not related to the above. The BIOS is not locked at the FD access control but can have its own protections which are vendor, OEM etc specific. I don’t have knowledge on the latter, nor do I know how to unlock hidden menus and so on. That MEInfo report shows something very important, your system does not have Intel BootGuard enabled. BG cannot be disabled once activated by the OEM (a PCH swap would be needed) and it would prevent any BIOS modding from your part. So the fact that is is disabled is not ideal for security but it does allow you to mess around if you like. Be careful to not enable it by accident when configuring the ME (BootGuard settings at Flash Image Tool) if you want to keep it that way.

It doesn’t matter. The FIT version is just the tool that was used to configure the ME region. When you use FWUpdate that field remains as it was before by the OEM. If you actually used FIT 11.6 to configure a ME region and flashed it, that field would change as well. But it’s only a visual thing, useless otherwise. As for the bold "GbE Region Missing" warning, that’s normal for systems which do not use an Intel GbE controller.

Those MEManuf errors are normal when using 11.6 tools at 11.0 based systems and/or firmware. They have been reported by others in the past too, so they’re probably temporary software bugs, and thus should be ignored. You cannot downgrade from 11.6 to 11.0 using FWUpdate as it’s not a valid "upgrade"/downgrade option due to higher Version Control Number of any 11.6 firmware compared to 11.0.

Thanks to NSAFarm and Plutomaniac for your inputs. I ventured a bit further and run a tool supplied by Dudu2002 on bios-mods. I’ve linked him to this thread. There is a marked difference in the stock and unlocked results.

https://www.sendspace.com/filegroup/g68zU%2FUOlpzpqSy82yiPyw

I’m pretty sure Lenovo’s internal tool could write directly to the right registers but, alas, I have no idea what those are.

Could you please upload the Lenovo BIOS mentioned in the first post?

@Zucker2k please upload the original bios (the one you decompressed and that contains the utilities) that ca be very useful for rasearch!

I found this one and need to be unpacked and tested if it is the correct one:

https://download.lenovo.com/consumer/mobiles/cdcn35ww.exe

nope… that is the new one. not the one mentioned in the first post.

here it is one that fit the description in first post, you can unpack with 7z.
https://download.lenovo.com/consumer/mob…eupdate_002.exe

I have to test it on M92p and T410 to see if I can read the ME firmware, unlock flash descriptor.

thanks!! how did you find it? I lost an hour searching for it.

Last night I lost ~6h trying to find and unpack different bios file.
Today it was quick I look directly after AMT firmware for that model and it was quick to unpack.

I test WinTest on Lenovo M92P desktop but no luck…
this was the answer at first run… no idea what OBF is:
WinTest.exe C45 D80
-C45 D80
System is in OBF status.: No error
Received data len= 1
Received Data 0 = 55

after that all I get if I test with different data is:
Received data len=0

EDIT:
keyboard disabled on T410 until I reboot:

WinTest.exe C40 D02
-C40 D02

Received data len= 2
Received Data 0 = f0
Received Data 1 = 5a

here it is data from Wintest from 2 Lenovo computers maybe it help to understand and map:

T410
Common RAM
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
--------------------------------------------------------------------
F600 06 34 CC 77 28 00 00 00 18 0A EA 01 08 10 00 00
F610 D2 3C EA 01 D0 3C EA 01 68 FE 18 00 F5 0F 41 00
F620 FD 0F 41 00 75 F7 D9 F3 00 00 00 00 28 00 00 00
F630 C0 DA 42 00 01 00 00 00 00 00 00 00 C0 DA 42 00
F640 28 00 00 00 A4 FE 18 00 2D 10 41 00 24 0A EA 01
F650 CE 16 41 00 01 00 00 00 C5 16 41 00 B9 F7 D9 F3
F660 35 00 00 00 A8 9C 42 00 00 00 00 00 06 00 00 00
F670 35 00 00 00 74 FE 18 00 00 00 00 00 08 FF 18 00
F680 A0 E9 40 00 35 60 83 F3 FE FF FF FF C5 16 41 00
F690 B9 A2 41 00 01 00 00 00 D8 3C EA 01 35 00 00 00
F6A0 01 00 00 00 20 00 00 00 00 00 00 00 D0 FE 18 00
F6B0 FF 41 41 00 E8 D1 42 00 18 FF 18 00 3A 18 41 00
F6C0 11 00 00 00 98 CE 40 00 01 00 00 00 A8 9C 42 00
F6D0 87 CE 40 00 05 F6 D9 F3 B1 1D 00 00 00 00 00 00
F6E0 01 00 00 00 35 00 00 00 EC FE 18 00 B9 14 DB 76
F6F0 78 FF 18 00 A0 E9 40 00 B5 6E 83 F3 FE FF FF FF

M92p
Common RAM
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
---------------------------------------------------------------------
F600 16 34 6D 77 28 00 00 00 18 0A 37 00 08 10 00 00
F610 F2 39 37 00 F0 39 37 00 68 FE 18 00 F5 0F 41 00
F620 FD 0F 41 00 71 24 9C 41 00 00 00 00 28 00 00 00
F630 C0 DA 42 00 01 00 00 00 00 00 00 00 C0 DA 42 00
F640 28 00 00 00 A4 FE 18 00 2D 10 41 00 24 0A 37 00
F650 CE 16 41 00 01 00 00 00 C5 16 41 00 BD 24 9C 41
F660 35 00 00 00 A8 9C 42 00 00 00 00 00 06 00 00 00
F670 35 00 00 00 74 FE 18 00 00 00 00 00 08 FF 18 00
F680 A0 E9 40 00 31 B3 C6 41 FE FF FF FF C5 16 41 00
F690 B9 A2 41 00 01 00 00 00 F8 39 37 00 35 00 00 00
F6A0 01 00 00 00 20 00 00 00 00 00 00 00 D0 FE 18 00
F6B0 FF 41 41 00 E8 D1 42 00 18 FF 18 00 3A 18 41 00
F6C0 11 00 00 00 98 CE 40 00 01 00 00 00 A8 9C 42 00
F6D0 87 CE 40 00 01 25 9C 41 B1 1D 00 00 00 00 00 00
F6E0 01 00 00 00 35 00 00 00 EC FE 18 00 B9 14 33 76
F6F0 78 FF 18 00 A0 E9 40 00 B1 BD C6 41 FE FF FF FF

https://pcsupport.lenovo.com/us/en/produ…ffiliate:xg02ds

Descriptor + ME unlock dump flash for Lenovo Y700-15ISK

extract "DESC_ME_Unlock.zip" to drive D:

Open CMD Run as administrator, and navigate to "DESC_ME_Unlock" folder
To unlock descriptor and ME, in CMD window, type:

ME_unlock
 

fptw.exe -D me.bin -ME  
fptw.exe -D desc.bin -DESC
 

me.bin 2MB file generated
desc.bin 4KB file generated


To flash ME and descriptor in CMD window, type:

fptw.exe -rewrite -F desc.bin -DESC
fptw.exe -rewrite -F me.bin -ME
 

To dump BIOS in CMD window, type:

fptw -bios -d bios.bin
 

bios.bin 6MB file generated


AFTER DONE WITH FLASH ME AND DESCRIPTOR, MUST LOCK ME FOR ENABLE AUDIO SOUND OF LAPTOP
To lock descriptor and ME, in CMD window, type:

ME_lock
 

fptw -rewrite -bios -f bios.bin
 

DESC_ME_Unlock.zip (958 KB)

my_bios_descriptor.zip (621 Bytes)

@ataigun I have the same laptop. The inability to flash BIOS is due to Protected Range Registers. Nothing you do to the descriptor will change anything.

You can get rid of the PRRs by patching BiosRegionLockDxe. I described it in another thread. The way I did it, you still have to do external flashing once (and later make sure to only flash modified BIOS so as not to lock yourself out).

Does this BIOS have FLOCKDN bit in the BiosRegionLockDxe, or is just removing PRR adequate.

Also, sorry for this silly question, but why not just update the bios using the normal vendor available methods, since the hard part here was update the ME region, I would think you have r/w access to bios.bin region just by default, so shouldn’t the regular “vendor approved” ways of updating the bios be adequate? Thanks.

"Normal vendor-available methods" only permit flashing a signed BIOS image. If you want to make any changes to it, the BIOS cannot be flashed this way.

Why do you think updating the ME region was the hard part? A utility released by Lenovo with one of the BIOS updates for this model long time ago made it quite easy. Anyway, modifying the descriptor cannot make the BIOS region available for writing. You need to defeat the PRRs. Once the PRRs are zeroed it doesn’t matter if FLOCKDN bit is preventing PRRs from being changed since there is no need to change them anymore. I already posted all these details in that other thread I gave the link to in my previous post.

That post belongs here hehe. Too bad about the external flash. How did Wootever succeed with all software solution to the Xiaomi?

Anyway, this is a giant step indeed. Well done!

@Outsyde : Do you know the variables for vccio and vccsa for the Y700? I’ve been doing some memory overclocking (stock Hynix 2133 RAM) but can’t get DDR4 2800 MHz stable without resorting to throttlestop, with mixed results. I can do DDR4 2400 @ 11-12-12-28; DDR4 2600 @ 12-14-14-30; DDR4 2667 @ 13-14-14-32; all stable @ stock vddq voltage of 1.20v. I have to bump this to 1.25v to get DDR4 2800 MHz stable (somewhat) with the help of throttlestop (raising SA offset by about 0.025v.

I wonder if any of the settings above are exposed in the “Advanced” menu in bios. If so, they’ll be worth tracing down. Thanks.

Hello,

I have the -17ISK and searching around the web, i found this guy here that has his bios unlocked.

https://youtu.be/fgUuF_Un1RM?t=30

At 0:30 of this video an option for Memory Voltage is shown, with setting at 1.40V.

As far as i know this guy had contacted user Dudu2002 from another forum and he unlocked his bios on demand.

Don’t know how he did it, but he said he needs the dump from each user’s bios to do this.

Also because of write protection, this mod is flashed as follows : "Bios mod can be flashed using SPI-programmer+SOIC8 clip only "

Youtube video owner also uploaded a copy of his unlocked bios in video comments.

Would be great if someone checked this to see what mod was done.