Page 12 of 12 FirstFirst ... 2 10 11 12
Results 111 to 118 of 118
  1. #111
    ROG Junior Member Array
    Join Date
    Oct 2017
    Reputation
    10
    Posts
    4

    So if you have a Dell, HP, Lenovo, Supermicro or IBM system, you get a firmware update and were covered before any of this became public.

    If you have an ASUS board or system with a TPM header, you never get an update and have to hack your system into shape with tools and code downloaded from competitor vendor products.

    They are leaving this and hanging us all out to dry. ASUS support has proved useless. It was the same with Spectre and Meltdown vulns, which noone can make heads or tales of the changes they made, let alone know how they will affect system performance.

    Why have they not fixed something that simply needed a 3rd party's lib file updated, for >12months now?
    Last edited by pl_02; 10-30-2018 at 01:43 PM.

  2. #112
    ROG Junior Member Array
    Join Date
    Oct 2017
    Reputation
    10
    Posts
    4

    Quote Originally Posted by guho2003 View Post
    My Asus 20-1 pin TPM module came with very new TPM 2.0 firmware 5.63.3353. I need to downgrade it to TPM 1.2 to use it in an older motherboard. The Supermicro zip file version 1.5 only goes up to 5.63.3114. Does anyone happen to have a way to downgrade to 4.x (=TPM 1.2) from 5.63.3353?
    You have a TPM 2.0 compliant chip, not a TPM 1.0 compliant one. AFAIK it won't work in a board with the pinout for the 1.0 TPM. But you could check that by looking at the manual perhaps. You could make a header cable to switch the pins around which people have done to make TPMs from one brand work on another brand's board. May not allow you to use a TPM 2.0 chip on a TPM 1.0 compatible board. But notice that the chips have different hardware on them, so it seems unlikely and trying it may have unexpected outcomes.

  3. #113
    New ROGer Array
    Join Date
    May 2018
    Reputation
    10
    Posts
    2

    Quote Originally Posted by stna1981 View Post
    Hi guys,

    I have the following issue: I have an ASUS TPM 2.0 with firmware 5.51.2098.0. I tried to update it with the TPM20_5.61.2785.0_to_TPM20_5.63.3144.0.BIN provided by ASUS (I will never download any other firmware for a security device from 3rd party servers), so if the update is 5.62, then it is like that.

    However, the problem is that the update is not applied at all. The updater says the file is not valid for my device. Log looks like that, if it might help:


    Can someone help me? I followed this guide:
    http://dlcdnet.asus.com/pub/ASUS/mb/...QSG_V2_web.pdf

    Not sure if you have solved this already, but you are using the wrong BIN file provided by ASUS. You say that your TPM chip has firmware 5.51... then you try to use the 5.61 to 5.63 BIN file. Go back to ASUS and get the 5.51 to 5.63 update file, and try again.

    For others having this issue, ASUS does not clarify that you need to get the correct update file, but there are 2 different firmware update files in the download section. You must determine which firmware your TPM module is running currently, and get the proper update file. Then follow my post #102 I believe to get it to work..

  4. #114
    New ROGer Array
    Join Date
    Aug 2019
    Reputation
    10
    Posts
    1

    Need help with updating TPM

    Click image for larger version. 

Name:	Capture.jpg 
Views:	64 
Size:	56.1 KB 
ID:	81696

    I know it's been a minute since anyone posted in here. I am having difficulties with finding the proper firmware file. After much trial and error I figured out how to do the update but I can't find proper firmware file. Any help would be much appreciated.

    Thank You

  5. #115
    ROG Member Array
    Join Date
    Apr 2017
    Reputation
    10
    Posts
    7

    @mconti85 -- in order to match the firmware version, we'd need to know the specific make/model of your TPM chip. Most newer ones SHOULD be able to be updated, however I'm not sure that all are capable of running the patched firmware versions. YMMV.

  6. #116
    New ROGer Array
    Join Date
    Aug 2020
    Reputation
    10
    Posts
    2

    Nuvoton TPM 2.0

    ups..
    Last edited by 77vitya; 10-09-2021 at 12:22 PM.

  7. #117
    New ROGer Array Japan_7130 PC Specs
    Japan_7130 PC Specs
    MotherboardR4F / R6EE / ROG Dominus Extreme
    Processor3960X / 7980XE / W-3175X
    Graphics Card #1ROG GTX1080ti / ROG RTX2080ti / ROG RTX3090

    Join Date
    Nov 2021
    Reputation
    10
    Posts
    4

    Notice about the TPM firmware version

    If you installed Windows 11 using dTPM, check the [Security processor details] window and the [Security processor trouble shooting] window.
    When I used the TPM with firmware version 5.61.2785.0 or 5.63.3144.0, I got an error.
    You can also check it by running the "tpmtool getdeviceinformation" command at the command prompt.
    It seems that Windows 11 has determined that version 5.63.3144.0 or earlier is vulnerable and recommends updating the firmware.

    Even with this issue, BitLocker was successfully applied for the boot drive. Perhaps this issue limits the functionality of something other than BitLocker.

    The TPM with firmware version 5.63.3353.0 was fine.
    I think ASUS should provide firmware version 5.63.3353.0 for TPM-M R2.0/TPM-L R2.0 users.

    * There are people working on this issue.
    https://twitter.com/PremaMod/status/1448306173384527874
    * On Windows 10, firmware version 5.63.3144.0 seems to be fine.
    * According to a review on amazon.com, the firmware version of TPM-M R2.0 was already 5.63.3353.0 as of August 2018.
    It is also reported that the firmware version of TPM-L R2.0 was 5.63.3353.0 as of #109 (July 2018) of this thread.
    * Compatible TPMs sold by Amazon etc. may have an old firmware version installed.
    There is a case where the firmware version of FIPS 140-2 specification (for example, the last part is ".2" like 5.0.1089.2) is installed in TPM, and the firmware file for updating to the latest version cannot be found. Please be careful.
    Last edited by Japan_7130; 12-10-2021 at 09:00 PM.

  8. #118
    ROG Member Array
    Join Date
    Nov 2017
    Reputation
    10
    Posts
    17

    Quote Originally Posted by PhoenixFlame9 View Post
    I made a profile here a few days ago but couldn't post. Here is how you can update the TPM firmware, using Asus's files.

    The Asus firmware files do update the TPM to 5.63. Be aware that there are two different firmware files. One to update from 5.61 to 5.63, and another to update from 5.51 to 5.63. Be sure you grab the correct file from Asus's website or you won't be able to update the firmware. I updated from 5.51 to 5.63.

    Be sure to disable Bitlocker in windows, and allow for the drives to decrypt before flashing the TPM firmware. In order to do this, you will be booting from a USB stick, which is why you have to turn off certain features in the BIOS. Just follow the instructions provided by Asus. I put the EFI and Tools folder in the root directory of my thumb drive, and I made sure my thumb drive was formatted FAT32. I put the EFI folder in the root directory, not the TPM.... folder because this is what I am used to in getting something to boot from a stick, but you may be able to put the TPM... folder in the root directory as well. It took a few boots, but then I booted into the provided EFI Shell. Once it boots into the shell, you only have a few seconds to press any key so that it stays in the shell.

    Now this is where the Asus instructions are severely lacking.

    The instructions tell you to go to fs0 and work from there, but the USB stick may not be assigned to fs0, I think mine was assigned to fs4 or fs5. So here is what you do. Key in fs0: then hit enter. Then Key in DIR and hit enter. This will list the folders and files in fs0. If this looks like your thumb drive, great, otherwise Key in fs1: and hit enter. Repeat the DIR, etc. and continue until you find which fs number is your thumb drive.

    Now that you are on your thumb drive you need to navigate to the x64 directory. To do that you look at the folders in your directory. So for me I had to do cd Tools then hit enter. This puts you in the Tools folder. Then continue with cd UEFI etc. I like to do this one folder at a time, but you can do more if you are comfortable with it. Once you are in the x64 folder, you will need to type the long command TPMFactoryUpd -update tpm20-emptyplatformauth -firmware
    TPM20_5.61.2785.0_to_TPM20_5.63.3144.0.BIN and press enter. (The instructions are missing a T, but I added it here. Be aware that if you are updating from TPM5.51 then instead of copying that command directly, do a DIR and you will see a file called TPM20_5.51... You will need to type this in place of the listed BIN file in that command. After hitting enter you will see a message showing you the status, and hopefully it will say successfully updated. I did get some kind of error message after the firmware update messages, but when I got back into the BIOS I could see that the firmware has successfully updated to 5.63, so I don't know what that was all about.

    Proceed at your own risk.
    Problem of updating TPM solved -- Booting sequence. I was one of the first people to start writing about problems I was having back in October of 2017 with updating an Asus TPM2.0 from version 5.51 to 5.63 and today I was finally successful some of the problems I encountered were with Booting the UEIF. How the BOOTX64.EFI is started was the final step to get the ASUS TPM update to load.

    Post # 102 provides good directions regarding the sequence to follow to load the update. I have been using a Asus Rampage V Edition 10 (R5E10). Following the instructions given by Asus and post #102; and putting all the directories and files into the USB root drive (see file layout below) the last step is to reboot the computer and run the update. On the R5E10 the boot drive selection can be achieved by using the dashboard of the Bios (Key F2 or DEL key) or getting a list of drives available to boot from via the F8 key. The BOOTX64.EFI would run from the dashboard under the heading BOOT, but the update would report a problem. With everything the same except for starting the Boot sequence with F8 the update would then run.

    The following is an overview of how the R5E10 was updated:Get the files from Asus and note if you are updating from 5.51 or 5.61 to 5.63

    https://www.asus.com/us/SupportOnly/...HelpDesk_BIOS/

    My update was from 5.51; I put all the files and subdirectories into the Root of the USB, each subdirectory contained all the files and any other directories that came in the original unzipping. This step most likely is unnecessary, but was used to eliminate any possible request by the shell EFI setup program or the install program (TPMFactoryUpd.efi) for a file in one of the original directories.
    As noted by post #102 regarding step 6 of the Asus instructions the USB drive you are using may not be located in the indicated fs0: designation. My USB was located in fs5: and when the DIR command was typed in the file structure looked like this:

    As mentioned above, in my case, it was critical to boot the shell program (EFI) via the F8 key, not from inside the Bios dashboard.
    When it comes to step 7 and typing in the long string the spaces before the dashes are not a format error, so the spaces are correct with the one exception of: ,,,update tpm20-emptyplatformauth...¦. The complete command reads:
    TPMFactoryUpd -update tpm20-emptyplatformauth -firmware TPM20_5.51.2098.0_to_TPM20_5.63.3144.0.BIN
    Only one space between firmware and TPM20; as in "... -firmware TPM20_5.51.2098.0..." Forgive me for being pedantic here but during my attempts to do the update and not getting it to work I kept thinking it was in the spacing of the command line. Also note that in the directions (#7) from Asus they left out the "T" in "TPM20" it is correctly represented in the last line of the graphic.

    I do hope that this will help anyone trying to update a TPM. Everything worked as the three frame captures of posting #103 show. I too received an error message at the end. But, after rebooting everything worked properly.

    As I mentioned this all started for me about five years ago (see post #21). The success here is with a generic TPM20 module sold on Ebay in the past two weeks. When I started all those years ago, I purchased two genuine Asus modules. I worked with Asus support for months they had not, as of then. produced an update. I ended up sending one of the modules to them to update twice the first time in didn't work and the second time it didn't even show up in the Bios. I pretty much gave up and misplaced or disposed of them. And then Windows 11 arrived.

    The CPU in my R5E10 is an intel i7 6900K and that CPU is in the list that Microsoft has deemed to be unworthy of service in Windows 11 even though it has 8 cores and 128GB of RAM and now an UpToDate TPM20 module. I had been hoping to find a workaround and wanted all of the parts required for Windows 11, the only thing missing is the right age. Right after I built the R5E10, AMD came out with the Ryzen 1800 CPU also with 8 cores and since I was in need for another computer, I built the Ryzen 1800 with 64GB of RAM on an Asus Hero board. Now I have two computers that are fully equipped except for the age requirement.

    So I need to build another computer to support Windows 11. I was about to buy an Asus Pro WS WRX80E -- Sage SE and then Threadripper PRO 2 is released and only available in a prebuilt -- something I do not want.
    But, the real problem is something else and that is the development of a new security device by Microsoft called PLUTON and it is something like a TPM built directly into the CPU and the new Threadripper Pro's do not have that, the only chips that will have that at the moment are AMD 6000 chips.

    PLUTON is a potential nightmare for me. Since Windows 11 requires a TPM to run will Microsoft turn around and pull the same thing over again with PLUTON? Will the next version of Windows a few years down the line require a PLUTON device built into the CPU and create a new class of obsolete computers?

    I suspect that I should prepare by starting a new thread about PLUTON on this Forum and dig in for a new security problem and obsolescence.

    UPDATE: March 12, 2022
    TPM Version 5.63.3353.0

    Today I updated to version 5.63.3353.0. I used the link from post #117 and got the files from PremaMod. I went through the list of files downloaded from Premod, found the file TPM20_5.63.3144.0_to_TPM20_5.63.3353.0.BIN and added it to the Root of the USB drive I used for the earlier update. I ran the update exactly the same as I did for the first update except used the TPM20_5.63.3144.0_to_TPM20_5.63.3353.0.BIN line in the string to activate the update.

    The update ran the same. When I got back into Windows everything looked OK except for the line: Attestation, that was not ready. I used Windows TPM.msc to clear the TPM and when it booted up again everything was fine running version 5.63.3353.0
    Miniatura de Adjuntos Miniatura de Adjuntos File structure.jpg  

    Last edited by Charlie Woken; 03-12-2022 at 07:29 PM.

Page 12 of 12 FirstFirst ... 2 10 11 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •