Questions about Boot Guard on CSME 17

Hello to everybody!

I have three questions that I am hoping somebody will be able to help with.

  1. Can the Intel (CS)ME tool be used to disable boot guard on a board that is in Manufacturing Mode? Or what other tool/ method could be used to do it?

  2. Does anybody have a link to CSME v17 or can some older tools be modified to change Boot Guard bits if ME is v17? The board I have reports v17 ME firmware version.

  3. I have checked the 0x13A msr register on a board with Intel® Xeon® Processor D-1736NT, where Intel Boot Guard Verified Boot seems to be enabled based on read bits, but board vendor insists it is disabled. Does anybody know of another good way to double-check the Boot Guard status?

read my post about intel fpt from CSME

read more info here

Thanks for the post and direction. I appreciate your help. Following the post is not possible on my board, since I do not have the v17 of CSME. Which is related to my question (2)

are you sure you using ME 17 version, last version i know right now is v16 using by bios alder lake and raptor lake (13 th) motherboard
can you give screenshot ME Firmware version
using like ME analyzer

SPS 5, not CSME 17

Lol… watchout Intel, 3rd parties are getting ahead of you heheheh

I do not quite undestand yet how SPS-CSME relationship works. Did they just replace the CSME tools set with SPS one?
Can you please point me in the right direction in regards what tools could be used to read&write CPU field programable fuses (FPF) for SPS?

The way I understand it right now is that some version of Intel Flash Image Tool (FITC) could be used, which needs to be used from the right CSME version. Is there a different tool for SPS?

here some more info, i first know if server version do not using CSME (Intel® Converged Security and Manageability Engine) instead SPS ( * Intel® Server Platform Services (Intel® SPS) from here
So it like cannot using CSME tools but SPS Tools, i think is not good star modding at server version because tools for that server more rare than normal CPU because of that core of security