Hi @CS2026 

Welcome to the HP Support Community! We're here to help you get back up and running.

The Intel® Converged Security and Management Engine (CSME) detection tool result you shared indicates that your current firmware version is flagged as vulnerable. 

Since you’ve already updated your BIOS to the latest available release, here are the precise steps you can follow to ensure your notebook is fully checked and updated:

Confirm Current BIOS and ME Firmware Version

• Restart the notebook and press F10 to enter BIOS Setup.
• Note the BIOS version and the Intel ME firmware version displayed.
• Compare these with the latest versions listed on the official support page for your notebook model.

Check for Intel ME Firmware Updates

• Even if the BIOS is up to date, the ME firmware may be packaged separately or included in a newer BIOS release.
• Download and install the latest Intel Management Engine Components driver for your notebook model from the support page.
• After installation, restart the notebook and re-run the Intel CSME detection tool to verify if the vulnerability status changes.

Apply Chipset Driver Updates

• Install the latest Intel Chipset Installation Utility available for your notebook model.
• This ensures proper communication between the operating system and the ME firmware.

Run Windows Update

• Open Settings > Windows Update and check for updates.
• Apply all available updates, including optional driver updates, as they may contain Intel microcode or firmware fixes.

Re-test with Intel CSME Tool

• After completing the above steps, run the detection tool again.
• Confirm whether the vulnerability status is resolved.

Note

• Firmware updates for Intel ME are typically bundled with BIOS updates, but in some cases, they may be released separately as part of driver packages.
• If the detection tool continues to show vulnerability after all updates, it means Intel has identified the issue but no firmware patch has yet been released for your specific notebook model. In that case, the system remains functional, but the tool will continue to flag it until a patch is provided.

If my response helped, please mark it as an Accepted Solution! ✅ It helps others and spreads support. 💙 Also, tapping "Yes" on "Was this reply helpful?" makes a big difference! Thanks! 😊

Take care, and have an amazing day!

Regards, 

Hawks_Eye

Hawks_Eye, 

Thanks for your insight, I've checked into all of the suggested solutions below and completed those that weren't yet done. I still have the issue. The CSME tool still flags me as vulnerable and the root-level access to my notebook is still there.  After inspecting the BIOS (Insyde), I noticed that there isn't any information on the Intel ME or its version number. Often enough I've been told that it isn't used in my laptop, but you know as well as I that it is always present.  Also, the HP Support Assistant was reporting that my BIOS was up to date for weeks even though I was at version F.46 while the most current version is F.51. Do you have any insights on this? Is HP aware of this? Is there anyone at HP that I could speak to?

I truly believe I'm dealing with a Firmware - Level exploit. Nothing I do in Windows has been useful.  I understand that there have been rumors that the government of the US uses this as a backdoor into civilian laptops. This makes sense to me (even if it isn't the government) because I can't see anything other than the interrupted IO (blocked keystrokes, caps lock toggle, num lock toggle, cmd applications launching). It also seems that I'm being connected to a clandestine network in which my device can be accessed wherever I am, even when not powered (Turned off, battery installed). 

Any insights on these issues will be greatly appreciated.  I look forward to your reply. 

You are very welcome @CS2026 

Based on what you’ve described, here are the most precise steps you can take to address the Intel Management Engine (ME) vulnerability concerns on your notebook:

1. Verify BIOS and ME Firmware

• Restart the notebook and press F10 to enter BIOS Setup.
• Check the BIOS version currently installed.
• If the ME firmware version is not displayed in BIOS, it may be embedded and not exposed in the interface. This does not mean it is absent—it is always present on Intel platforms.

2. Update BIOS Manually

• Even if HP Support Assistant reports the BIOS as up to date, manually compare your installed version with the latest available on the official support page for your notebook model.
• Download and install the latest BIOS package directly from the support page, not through Support Assistant.
• After installation, restart and confirm the BIOS version has updated.

3. Install Intel ME Components Driver

• From the support page for your notebook, locate and install the Intel Management Engine Components driver.
• This package may include ME firmware updates or enable proper communication with the firmware.

4. Update Intel Chipset Drivers

• Install the latest Intel Chipset Installation Utility for your notebook model.
• This ensures the operating system communicates correctly with the ME firmware.

5. Apply Windows Updates

• Open Settings > Windows Update.
• Install all available updates, including optional driver updates. These may contain Intel microcode or firmware fixes.

6. Re-run Intel CSME Detection Tool

• After completing all updates, run the detection tool again.
• Confirm whether the vulnerability status changes.

Note

• ME firmware updates are typically bundled with BIOS releases, but sometimes they are delivered through driver packages. If the detection tool continues to flag your system after all updates, it means Intel has identified the issue but no patch has yet been released for your specific notebook model.
• The system remains functional, but the tool will continue to report vulnerability until a firmware patch is provided.
• If your BIOS interface does not show ME details, this is by design on certain notebook models. It does not mean ME is absent, only that it is not user-visible.

Regards,

Hawks_Eye

Unfortunately, the suggestions (most of which have already been done) that you've given haven't changed the output of the Intel ME Vulnerability tool. It's still reporting my system as "vulnerable". This is probably the case because the problems I see at the I/O level of the device persist. 

Does HP have a protocol available for a full re-write/flash of the SPI?  Is it possible that someone has gained access to the Management Engine in an indirect way? This is what I believe. The assumption is that unless Intel Management Engine is linked to the vPro/AMT system there is no way to access it, then why is it there? Are you aware of a method to access it from the BIOS level outside of the standard Intel tools? For example, are there tools used at HP when running diagnostics at the hardware level or writing the software for diagnostics. These tools exist, correct? I believe a sinister actor has altered my computer at this level. No Windows-based security software would detect it. My own security software (ESET) and their technicians aren't able to detect it.  

I understand that some of these questions may be outside of your technical domain, but I would appreciate it if you could do the research in-house.  I look forward to your thorough and comprehensive reply. 

We sincerely thank you for your patience and co-operation during this troubleshooting process.

I'm sending you a private message to guide you on the next steps.

To access it, click the private message icon in the upper-right corner of your HP Support Community profile, next to your name.

If this resolves your issue, kindly mark this post as "Accepted Solution" and click "Yes" if it was helpful.

Take care and have a great day!

Regards,

Hawks_Eye

Like I mentioned before, this problem has occurred with one of my other laptops, the HP15 PC dy4000 series. I'm not sure how it happened but it also seemed that someone was "under the OS" with KVM access. The last time I tried to update the BIOS, the file copy jumped to 75-80% immediately (this is on both of them) and continued from there. This is a sure indicator of something going on at the BIOS/UEFI level. 

Would HP be willing to offer a solution that allows for a FULL flash of the SPI on the board (to include the other partitions)?. This may overwrite any existing rootkits.  I have considered a motherboard swap, but since I don't know how the intrusion is coming about this may be too far to go just yet. 

If you check your records you'll notice that I called in about a year ago regarding the screen on the dy4000. After further investigation it seemed to be a bad memory module in the end.  This may be a result of the low-level attack.  

I would really like to get to the root of the problem before buying a new computer. Does this require escalation?

Any suggestions that you can provide would be appreciated.