Is flashing the BIOS possible via AMT?

Is flashing the BIOS possible via AMT?

Hi,

is it possible to flash/update the BIOS remotely using AMT?

If not, can AMT somehow be used to prevent BIOS updates by the user?

We are planning to use AMT to remote-control several machines in a lab, and so far AMT works really well for what we want to do. While I've successfully accessed the BIOS via AMT, I didn't find a way so far to prevent BIOS updates (or to flash the BIOS remotely myself in order to undo any changes to the BIOS itself).

Thanks in advance,

        -Kyle

4 posts / 0 nouveau(x)
Dernière contribution
Reportez-vous à notre Notice d'optimisation pour plus d'informations sur les choix et l'optimisation des performances dans les produits logiciels Intel.

Hi Kyle,
The answer to the first question about whether or not it is possible to update the FW using AMT is: "It depends" on a number of things. First, it depends on how the OEM implements FW upgrades. Some give you an exe file that you just run in windows. Some require putting the bin file on a usb stick and running the tools from DOS. Some split the FW updates into the different parts/regions for the FW. If your OEM requires a full BIOS/FW update in one file, it probably won't work because you can't replace the BIOS if it is in use.

So it is possible, but depends on OEM implementation.

For the second question, you cannot use AMT to prevent the user from updating the BIOs.

--Gael

Follow me on Twitter: @GaelHof
Facebook: https://www.facebook.com/GaelHof

Hi Gael,

first, thanks for your quick answer!

Quote:

Gael Hofemeier (Intel) wrote:
"It depends" on a number of things. First, it depends on how the OEM implements FW upgrades. Some give you an exe file that you just run in windows. Some require putting the bin file on a usb stick and running the tools from DOS. Some split the FW updates into the different parts/regions for the FW. If your OEM requires a full BIOS/FW update in one file, it probably won't work because you can't replace the BIOS if it is in use.

Assuming a case with split FW updates, could you give me a pointer to the AMT documentation or SDK where I can read about how this would work? I couldn't find anything about this.

Thanks in advance,

-Kyle

I have the same question about Intel desktop boards (in my case DQ965GF, DQ57TM).
GetRemoteControlCapabilities (from SOAP interface) returns 'enabled BiosReflash' in OemDefinedCapabilities for the both.

And it's stated in the "Network Iface Guide" for 'RemoteControl' with 'ReflashBios' bit set: "the boot block reflashes the BIOS on the next boot, using IDE redirection as the source of the BIOS image".

I can't understand the procedure of BIOS update, there isn't step-by-step instruction. "The boot block reflashes...": what is the boot block mentioned?. I tried to setup IDER-CD (with ISO-image, containing BIO-file from the motherboard downloads area) and powerUp by AMT with ReflashBios set. Nothing's happened. By the way, should I set ider-cd boot parameter or not.

I also tried to enter to the bios update by F7 with IDER-CD set; redirected CD drive doesn't listed in the possible sources of BIOS image (like as any hardware CD/DVD).

Laisser un commentaire

Veuillez ouvrir une session pour ajouter un commentaire. Pas encore membre ? Rejoignez-nous dès aujourd’hui