• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Are you having HotKey issues? Click here for tips and tricks.
Common problems for Battery
We would like to share some of the most frequently asked questions about: Battery Reports, Hold a charge, Test and Calibrating Battery . Check out this link: Is your notebook plugged in and not charging?
Locked

‎03-08-2020 10:09 AM

HP Recommended
Product: Elitebook 2570p
Operating System: Microsoft Windows 8.1 (64-bit)

Hi everyone

I have been offered and Elitebook 2570p. Beautiful machine, good price, but I did some research and I found a vulnerability issue that it is supposedly fixed with the HP provided firmware SP80195.exe, that I have already downloaded, BUT the downloading page only provides the MD5 hash that it is not enough secure for me (there is one youtube video on how to alter the file and fake it to conserve the MD5 hash). Is there anyone that: a) tells me that it really works the patch and b) the sha-256 hash of the file?

Sincerely

1 person had the same question
1 ACCEPTED SOLUTION

Accepted Solutions

‎03-09-2020 08:44 AM

HP Recommended

I just downloaded SP80195.exe and checked the SHA256 value for the EXE and it matches the SHA256 value in SP80195.CVA.

 

ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80195.exe

ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80195.cva

 

The SP80195 deliverable was repackaged with the new HP SoftPaq wrapper in December 2019. 

 

https://support.hp.com/us-en/document/c06542496

 

This was driven by a Security Vulnerability with the old wrapper.

 

https://support.hp.com/us-en/product/hp-pavilion-15-cs0000-laptop-pc/20284004/model/21925595/documen...

 

Joel

I am an HP Employee.

If you like my post, click the thumbs up.

View solution in original post

Was this reply helpful? Yes No
3 REPLIES 3

‎03-09-2020 08:44 AM

HP Recommended

I just downloaded SP80195.exe and checked the SHA256 value for the EXE and it matches the SHA256 value in SP80195.CVA.

 

ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80195.exe

ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80195.cva

 

The SP80195 deliverable was repackaged with the new HP SoftPaq wrapper in December 2019. 

 

https://support.hp.com/us-en/document/c06542496

 

This was driven by a Security Vulnerability with the old wrapper.

 

https://support.hp.com/us-en/product/hp-pavilion-15-cs0000-laptop-pc/20284004/model/21925595/documen...

 

Joel

I am an HP Employee.

If you like my post, click the thumbs up.
Was this reply helpful? Yes No

‎03-09-2020 03:01 PM

HP Recommended

Hi Joel

 

Thank you very much. So SHA-256=fce1cb78ea489284e127a207141637f580c2a567c2e40ad4eea590c291d97c3b. The same I have calculated in my download so I am sure now. Better would be to have sha-384 and sha-512. But it is ok. Now the only thing that remains is how to be sure, after running SP80195.exe, that the bios have been correctly patched I mean a test beyond a simple, text line at booting time. 

Still there are some other vulnerabilities in this machine if you look cve.mitre.org page:  http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=elitebook+2570p, you can find CVE-2017-8360CVE-2016-2243CVE-2015-5368CVE-2015-5367 and CVE-2015-0949  (but curiously not the CVE-2017-5689 ) 

 

Regards

Was this reply helpful? Yes No

‎03-09-2020 03:13 PM

HP Recommended

You might check out this page for some additional support information.

 

https://support.hp.com/us-en/product/hp-elitebook-2570p-notebook-pc/5259393/advisories

 

You can find a list of the current known advisories for the system.  

 

Keep in mind the system is no longer being actively supported as of May 2019 since the system ended production in May 2014.  It's still a very good system and was very popular.

 

Joel

I am an HP Employee.

If you like my post, click the thumbs up.
Was this reply helpful? Yes No
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.