Latest release

Version 4.0.7

@texhex texhex released this Jul 4, 2018 · 18 commits to master since this release

  • Added TPM BIOS setting to prevent F1 prompt from BIOS during TPM update for various models (issue #54)
  • Change ME update command to silent.bat for Z Workstations (issue #55)
  • Added TPM (SLB 9670) firmware 7.63 configuration and set it as default (issue #56)
  • Added BIOS 1.16 for Pro x2 612 G2
  • Thanks to @thecatdidit for the following contributions:
    • Updated 9470m BIOS to F.70 (issue #58)
    • BIOS 1.16 for EliteBook 8xx G4 models (issue #59)
    • BIOS 1.43 for EliteBook Folio 948m (issue #60)
  • Thanks to @datagutten for the following contributions:
    • Added ME and updated BIOS for HP ProBook 6x0 G1/G2
    • Added BIOS 1.45 for HP EliteBook 8xx G1
    • Added BIOS 1.26 for HP EliteBook 8xx G2
    • Updated BIOS and ME for HP EliteBook 8xx G3
    • Updated ME for HP EliteBook 8xx G4
    • Updated BIOS for HP EliteDesk 8x0 G1/G2/G3
    • Updated BIOS and ME for HP ProBook 4x0 G3
    • Updated HP Pro/Elite Desk/One 600/800 G3 models ME and BIOS versions
    • Updated BIOS version for ProBook 6x0 G2
    • Updated BIOS for HP ProBook 6x0 G1
    • Added updates and settings for HP EliteOne 800 G3
    • Added BIOS settings for ProDesk 400 G3 DM (issue #61)
    • Added BIOS settings for ProBook 6x0 G2 (issue #61)
  • Added BIOS Settings, TPM update and TPM BIOS settings for EliteBook G5
  • Added TPM-BIOS-Settings.txt for nearly all models to turn off VTx which allows a TPM update with TPMConfig.exe v2 or later from SP87492 (issue #61)
  • The return code of the ME update program is now checked (issue #63)
   SHA-1: 79c5f0d898ee59e93b78b844c96c29eb28374946
 SHA-256: 22604d76ead1894e691305cdf1699f931340a87b4f304e1e71c8a04d49a6907f

VirusTotal antivirus engines (55+) scan report

Version 4.0.6

@texhex texhex released this May 6, 2018 · 63 commits to master since this release

  • Fix to support new BIOS version numbers (e.g. EliteBook 8xx G5 models) that use a longer format (issue #50)
  • Code redesign - all terminating errors now result in an exception to be thrown so the error message will show the exact code location
  • Removed Management Engine (ME) Vulnerability Check (ME-VulnerabilityScan.txt) as each detection tool will only report the status of one, and only one, security issue (issue #37)
  • Selecting the model folder can now also be done based on the SKU (issue #45) - see https://github.com/texhex/BiosSledgehammer#sku-model-folder for a description
  • It is now possible that several models share the same settings and update files - see https://github.com/texhex/BiosSledgehammer#shared-folder for a description
  • Updated all model examples with BIOS updates that include microcode update to fix HPSBHF03573 - Spectre Security Issue
  • Updated all model examples with ME updates to fix HPSBHF03571 - AMT/vPro Security Issues Intel-SA-00101 / Intel-SA-00086 / Intel-SA-00075
  • Created shared configuration and update files for EliteBook 820/840/850 G1, G2, G3 and G4 series
  • Created shared configuration and update files for ZBook 15/17 G3
  • Created shared update folder for TPM SLB 9670 updates
  • Thanks to @datagutten, the following models are now also supported:
    • HP EliteDesk 700 G1
    • HP EliteDesk 800 G1 USDT/SFF/TWR
    • HP EliteDesk 800 G3 DM/SFF/TWR
    • HP EliteDesk 880 G1 TWR
    • HP EliteDesk 880 G3 TWR
    • HP EliteOne 800 G1
    • HP ProBook 430/440/450 G2 and G3
    • HP ProBook 470 G2
    • HP ProBook 640/650 G1 and G2
    • HP ProDesk 400 G2 and G3
    • HP ProDesk 400 G3 DM
    • HP ProDesk 600 G1 DM/SFF/TWR
    • HP ProDesk 600 G2
    • HP ProDesk 600 G3 MT/SFF/TWR
    • HP ProOne 600 G1
  • Added TPM Activation Policy==No prompts to TPM-BIOS-Settings.txt for all models that support the SLB 9670 TPM update. This will prevent the F1 confirmation prompt before a TPM firmware update will take place (issue #39)
  • Added support for ZBook 15/17 G4
  • MPSXM updated to 3.28.1
   SHA-1: 8aadbfaba389629d6363d1f2ec0680ec4d9b386e
 SHA-256: 9ad0c028df76da3dfc68cda42a0764d4233e97eb1adb78f480f34b0622ea3c33

VirusTotal antivirus engines (55+) scan report

Version 4.0.5

@texhex texhex released this Apr 7, 2018 · 90 commits to master since this release

  • Fix to support new BIOS version numbers (e.g. EliteBook 8xx G5 models) that use a longer format (issue #50)
  • Code redesign - all terminating errors now result in an exception to be thrown so the error message will show the exact code location
  • Removed Management Engine (ME) Vulnerability Check (ME-VulnerabilityScan.txt) as each detection tool will only report the status of one, and only one, security issue (issue #37)
  • Selecting the model folder can now also be done based on the SKU (issue #45) - see https://github.com/texhex/BiosSledgehammer#sku-model-folder for a description
  • It is now possible that several models share the same settings and update files - see https://github.com/texhex/BiosSledgehammer#shared-folder for a description
  • Updated all model examples with BIOS updates that include microcode update to fix HPSBHF03573 - Spectre Security Issue
  • Updated all model examples with ME updates to fix HPSBHF03571 - AMT/vPro Security Issues Intel-SA-00101 / Intel-SA-00086 / Intel-SA-00075
  • Created shared configuration and update files for EliteBook 820/840/850 G1, G2, G3 and G4 series
  • Created shared configuration and update files for ZBook 15/17 G3
  • Created shared update folder for TPM SLB 9670 updates
  • MPSXM updated to 3.28.1
   SHA-1: 454b5877f46c7d46f55e275c98a4e4f1a8ee9116
 SHA-256: a4e3e3e1e5fc62ebb69cc96fe7c5c9799c53029e90a2df782f17245be04a8f4a

VirusTotal antivirus engines (60+) scan report

Version 3.4.1

@texhex texhex released this Mar 26, 2018 · 119 commits to master since this release

  • Fixed BitLocker decryption error if a volume has no drive letter (issue #43)
  • Added 9470m example by @napzero (issue #46)
  • Added 9480m example by @thecatdidit (issue #48)
  • Added new BIOS and ME for 840 G4 from @thecatdidit (issue #49)
   SHA-1: 98180c539f0d005d317ab959c540042ae7d54322
 SHA-256: 720963ca616f8b0a87e9227d9e5f7dbf69ae6f020cb7c837eded04c5c2517578

VirusTotal antivirus engines (60+) scan report

Version 3.4.0

@texhex texhex released this Mar 10, 2018 · 125 commits to master since this release

  • Fixed issue #41 (StartExampleDownload.ps1 does not work as TLS 1.1 and 1.2 are not enabled)
  • Fixed issue #40 (Script does not start if path for logging does not exist)
  • Updated BCU to 4.0.24.1
  • Updated MPSXM to 3.27.0
  • Added const used for TEMP folder in case the user temp folder can not be used
  • Pre-execution checks redesigned
   SHA-1: ced638f3671196c3be3bfce77bfabfad70d66f51
 SHA-256: 3633ddb9488f0498b8d230204d65ad0763f2d796fe58a2a9b6adae36908dc87c

VirusTotal antivirus engines (60+) scan report

Version 3.3.2

@texhex texhex released this Jan 20, 2018 · 132 commits to master since this release

  • If the BIOS data could not be parsed, but a BIOS-Update.txt file exists, an error is generated
  • If a TPM could not be found, or the data could not be parsed, but a TPM-Update.txt file exists, an error is generated
  • Fixed issue #35 (Empty LOG file error)
  • Supported Z420 Workstation
  • Supported Z240 Tower Workstation
  • Updated MPSXM to 3.23.0
  • Code format changes
   SHA-1: 4e5a5f3e29945d8afe2c006f697376c660caef43
 SHA-256: f9d2b5fd22f56f189a12a7c2141da6453c8a464bcf8b6e5819cc7f059f07eeb2

VirusTotal Report

Version 3.3.1

@texhex texhex released this Jan 14, 2018 · 140 commits to master since this release

Added new BIOS versions that fix Spectre (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) as discussed in issue #34. For details please see HP security advisory HPSBHF03573.

The following models were updated:

  • EliteBook 820 G1, EliteBook 840 G1, EliteBook 850 G1
  • EliteBook 820 G2, EliteBook 840 G2, EliteBook 850 G2
  • EliteBook 820 G3, EliteBook 840 G3, EliteBook 850 G3
  • EliteBook 820 G4, EliteBook 840 G4, EliteBook 850 G4
  • EliteBook Folio 1040 G1, EliteBook Folio 1040 G3
  • EliteBook x360 1030 G2
  • Pro x2 612 G2
  • ProDesk 600 G1 TWR
  • ProDesk 600 G2 SFF
  • ProDesk 600 G3 MT, ProDesk 600 G3 SFF
  • Z440 Workstation
  • ZBook 15 G2
  • ZBook 15 G3, ZBook 17 G3
   SHA-1: 12a8bff2a886bd39dfe637b6836d14727f5f22bf
 SHA-256: 5056dbe668e872cf51d7e2aefccf387f65d58008ccbdb87b21e32f6f8478c114

VirusTotal Report

Version 3.3.0

@texhex texhex released this Nov 7, 2017 · 159 commits to master since this release

  • Added support for on-the-fly BIOS settings changes that are required for a TPM update using the file TPM-BIOS-Settings.txt (issue #27)
  • Added the required TPM-BIOS-Settings.txt files for included EliteBook 8x0 G3 and G4 models
  • The parameter IgnoreBitLocker can be used in TPM-Update.txt to prevent a full BitLocker
    decryption
  • Fixed BitLocker detection on Windows 7 with code from GregoryMachin (issue #21)
  • Intel SA75 Detection Tool updated to v1.0.3.215, XML processing changes because of this (issue #21)
  • Added BIOS v1.18 for EliteBook 8x0 G3 models (issue #26)
  • Added BIOS v1.08 for EliteBook 8x0 G4 models (issue #25)
   SHA-1: b9a3a3fd478d816bed21282e6af3ea20a138f21d
 SHA-256: 27223f990945e5ff1a27880bb5135f3973da4eff67f5711d6ba28d57c02ff2f3

VirusTotal Report

Version 3.2.6

@texhex texhex released this Oct 29, 2017 · 167 commits to master since this release

  • Added new TPM firmware files (6.43 / 7.62) for G3 and G4 devices that fixes the ROCA vulnerability (aka CVE-2017-15361, HPSBHF03568 and Microsoft ADV170012)
  • Added BIOS 1.06 for EliteBook 8x0 G4 models that changes the ON value for LAN / WLAN Auto Switching from EnableD to Enable (Issue #23)
  • Fixed a typo in the progress text for BitLocker decryption (Issue #22)
  • Fixed error handling/output in example download script
    SHA-1: 35a2c191a5f4525511ff0ef363fc8442bdb6f612
  SHA-256: 905e5024772e51856b71e931e99ba025df815c8b71b26e127ee867a9a2fa861d

VirusTotal Report

Version 3.2.5

@texhex texhex released this Oct 8, 2017 · 172 commits to master since this release

  • Fixed a bug when querying TPM data and the returned class is incomplete (Issue #20)
  • Added boot order example in BIOS-Settings for ProDesk 600 G3
   SHA-1: f97d8313cec1baa40ac0b23dffd2ea1612e4ccb5
 SHA-256: 11b9cd020d895a030826cfc7cd08b20ca5d41affe01f057a79a290d1cd29cc33

VirusTotal Report