Here it will be the last one from me, i’m still curious lol.
Same here
My apologies for assuming.
@vkvishnu @dmedina09 could one of you provide me some older working bios from early 2017 and 2016, on newer bios it might be already got patched in Bios Region.
xps112.zip (3.1 MB)
It is not a full dump but it is the bios region, version 1.1.2
1 Like
Sorry for taking so long. I was digging into my main device before it died (EEPROM) and ended up making things worse while trying to fix it (dead motherboard) 
.
You can replace the Bios Region from the complete image I provided earlier with the old one using UEFITool 25/27/28.
I noticed some differences between the older and newer versions—there were several changes in the cyan area (UEFITool NE). This means we can modify that section if we manage to fix the Computed IBB Hash and Boot Policy Signature using the correct decompression and compression method for LZMA (this is still just my assumption though).
Is there no way we can extract the hash? It’s only through the manufacturer right?
It’s only through the manufacturer right?
Yes, vendor private key.
Would deguard work? Or is this at the Southbridge/chipset level?
It is chipset level. I tried to use deguard, but I do not know how to 
Would deguard work?
It works by making the device run in CSM mode and disabling ME.
but I do not know how to
The Readme.md already pretty much clear what you have to do.
Change the value at offset 0x102 to 93 (HAP and DCI bit enabled) with hex editor. This should be under the flash descriptor. Then, use the output ME from Deguard to perform clean dump.