cancel
10P8TRIOT Tutor
Tutor
11 8 0 1
Message 1 of 8
16,206
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware

HP ProBook 450 G3
Microsoft Windows 10 (64-bit)

I have a ProBook 450 G3 running Windows 10. I am planning on updating the BIOS to N78 Ver. 01.15 Rev.A (from Ver. 01.12). I noticed the following statement on the BIOS download page: "HP strongly recommends updating the Management Engine firmware to version 11.0.18.1002 to prevent BIOS/Management Engine firmware corruption issues.". How can I determine the version of the IME firmware on my system? The latest version of the IME firmware for download is 11.0.0.1202 ... should I just go ahead and download and install that before the BIOS update?

 

Thanks in advance,

Mike

7 REPLIES 7
Provost Provost
Provost
8680 8535 698 3122
Message 2 of 8
16,196
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware

Hello,

 

Thank you for posting in the HP Support forum.

 

To answer your question about Intel ME... Perhaps in the Control Panel > Programs and features. When you find it there click on it and it should show a version

or

if you search for it in C:\Program files or C:\Program files (x86) and search inside the folder, it should show the version somewhere.

 

You may also see if this tool will work on W10 > https://downloadcenter.intel.com/download/19009  

 

 

 

But considering you already have experience with BIOS things , I am wondering why do you want to do it again... General recommendation I provide to users/customers is NOT to upgrade BIOS/UEFI unless they experience any kind of specific BIOS/UEFI issue. Updating just for the "noble cause" of updaing and just for using the latest verson is not solution. Any kind of update (no matter for what and who relesed it) can fix 2 issues but may introduce 10 more issues. Additionally, upgrading the BIOS (for any vendor) poses more risks because BIOS recovery is not that easy as compared to typical software updates IF something goes wrong.

 

Same applies for Windows Updates, OS update, drivers updates, etc - upgrade/update IF you have issues which you know are fixed in the newer version or for some severe security issues. Otherwise, keep the existing version as long as possible. 🙂

****  Please, click on the button below to mark this post as an ACCEPTED SOLUTION if it helped you
****  Don't hesitate to hit the THUMB-UP+ button below to say THANKS or give LIKE
I am not employed by HP Inc. **** I express personal opinion only. **** HP Expert **** I work in IT and cyber security

Reply
0 Kudos
10P8TRIOT Tutor
Tutor
11 8 0 1
Message 3 of 8
16,157
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware

So I should ignore HP's Critical Driver Alerts?

 

HP.jpg

Reply
0 Kudos
Provost Provost
Provost
8680 8535 698 3122
Message 4 of 8
16,146
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware


@10P8TRIOT wrote:

So I should ignore HP's Critical Driver Alerts?

 


If I were you, I would ignore this if my BIOS worked fine.

****  Please, click on the button below to mark this post as an ACCEPTED SOLUTION if it helped you
****  Don't hesitate to hit the THUMB-UP+ button below to say THANKS or give LIKE
I am not employed by HP Inc. **** I express personal opinion only. **** HP Expert **** I work in IT and cyber security

Reply
0 Kudos
10P8TRIOT Tutor
Tutor
11 8 0 1
Message 5 of 8
16,135
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware

Okay, thanks. BTW, I found the HP Support Communication that details the changes implemented with this BIOS update. It answers my original question. This BIOS update actually updates the Intel Management Engine firmware to fix security and corruption issues with the previous releases. And the document includes the following admonishment ... "HP strongly recommends updating to this BIOS version, which supersedes all previous versions".

 

-Mike

Reply
0 Kudos
nstcb Honor Student
Honor Student
2 2 0 0
Message 6 of 8
15,469
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware

The updated Intel Management Engine Firmware was not coming up in HP Softpaq, but I was able to locate manually specific to my HP ProBook 450 G3

 

https://support.hp.com/us-en/drivers/selfservice/swdetails/hp-probook-450-g3-notebook-pc/7834555/swI...

Reply
0 Kudos
Intern
Intern
45 39 0 4
Message 7 of 8
12,885
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware

>Updating just for the "noble cause" of updaing and just for using the latest verson is not solution.

 

HP seem to be taking a different line these days and are pushing our BIOS firmware updates via the HP support tool which nags users to install the updates via the system tray icon.

 

Reply
0 Kudos
Master's Graduate
Master's Graduate
382 369 22 61
Message 8 of 8
11,146
Flag Post
HP Recommended

Solved!

BIOS Update / Intel Management Engine Firmware


@IT_WinSec wrote:

 

    If I were you, I would ignore this if my BIOS worked fine.


 

It's an old post but as others can find this thread via google search, as i did, the above flawed comment needs an answer.

 

ME has had some serious security issues discovered and reported to Intel this year. And there have been others reported in previous years. As a result, twice in 2017 Intel has pushed out fixes to ME that OEMs have picked up and released for their systems, many of which are no longer supported or under warranty.

 

The fact that OEM's actually released updates on out of warranty systems probably highlights the severity of this issue.

 

But if some people don't care about the security of their system That's their choice. Just keep in mind that an flawed ME implementation can be silently compromised at -3 ring level (that's before BIOS/EFI starts).

 

Those ring -3 exploits on your system at that level can do anything - even place a root kit containing key loggers that is then invisable to the OS virus scanner and thus steal passwords to your banking apps and send them off to some scum that empties you account of your hard earned $$ -  that was one demonstrated use of an older ME vulnerability and this years vulnerabilities are worse according to some...

 

The reality is that just because one can't see or understand a problem doesn't mean that all is well. Thinking of not updating what works without an understanding of what broken thing was fixed with the update is simple a dangerous view to have these days.

 

As such, either do some research or take the Intel or your OEM's advice and update these critical ME vulnerabilities according to the Intel/OEM critical advisories.

 

Heck, if anything, the outrage should be that we owners of these systems have no way to shut off this insecure closed source security processor within a processor that has access to everything (even when the system is powered down)...

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation