Printable version

Drivers & software

** CRITICAL ** Online ROM Flash Component for Linux - HPE ProLiant BL660c Gen9 (I38) Servers

By downloading, you agree to the terms and conditions of the Hewlett Packard Enterprise Software License Agreement.
Note:  Some software requires a valid warranty, current Hewlett Packard Enterprise support contract, or a license fee.

Type: BIOS (Entitlement Required) - System ROM
Version: 2.60_05-21-2018(8 Jun 2018)
Operating System(s): Oracle Linux 6 (AMD64/EMT64)
Oracle Linux 7
Red Hat Enterprise Linux 6 Server (x86-64)
Red Hat Enterprise Linux 7 Server
SUSE Linux Enterprise Server 11 (AMD64/EM64T)
SUSE Linux Enterprise Server 12
File name: firmware-system-i38-2.60_2018_05_21-1.1.i386.rpm (5.8 MB)
This component provides updated system firmware that can be installed directly on supported Operating Systems. Additionally, when used in conjunction with Smart Update Manager (SUM) and Insight Control for VMware vCenter, this Component allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Prerequisites:

The "HPE ProLiant iLO 3/4 Channel Interface Driver” (CHIF) for Linux  which is integrated into the standard Linux kernel.


To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

73f0d637e95c368d8e2a413e26aa3078700934c97f8cbe45402e3877c6682bbe RPMS/i386/firmware-system-i38-2.60_2018_05_21-1.1.i386.rpm

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

IMPORTANT: This component will fail if it is unable to communicate with iLO.  This can occur if HPE ProLiant Agentless Management Service (AMS) and HPE SNMP Agents (SNMP Agents) are both running.  HPE does not recommend running AMS and the SNMP Agents at the same time.  If an "iLO device not found" error occurs, stop AMS or the SNMP Agents, and run the flash component again.


To update firmware from Linux operating system on target server:
 
Install the RPM package
> rpm -Uvh <filename>.rpm
 
See where the files land
> rpm -qlp <filename>.rpm
 
Change to the directory you see in the previous step and run hpsetup by typing ‘./hpsetup’ at the command prompt.


Supplemental updates for supported ProLiant servers and options can be done by using Smart Update Manager 8.0.0 or later, which is found on the Service Pack for ProLiant ISO.

  • Place the Service Pack for ProLiant on a USB key using the USB Key Creator Utility.
  • Place the desired components to be updated in the directory, \packages on the USB key.

Update the firmware and software in the usual manner.


End User License Agreements:
The MIT License Agreement
OpenSSL License Agreement, Version 0.9.8
PNG Graphics File Format Software End User License Agreement
UEFI EDK2 License
zlib End User License Agreement
HPE Software License Agreement v1


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HPE ProLiant BL660c Gen9 System ROM - I38

Release Version:

2.60_05-21-2018

Last Recommended or Critical Revision:

2.60_05-21-2018

Previous Revision:

2.56_01-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HPE ProLiant BL660c Gen9 System ROM - I38

Release Version:

2.60_05-21-2018

Last Recommended or Critical Revision:

2.60_05-21-2018

Previous Revision:

2.56_01-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None

Version:2.72_03-25-2019 (1 May 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.

Known Issues:

None


Version:2.70_12-29-2018 (14 Mar 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the UEFI EDK2 support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2018-3613 CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735, CVE-2018-3630, CVE-2018-12178, CVE-2018-12179, CVE-2018-12180, CVE-2018-12181, CVE-2018-12182, CVE-2018-12183, CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204 and CVE-2018-12205. For additional information please refer to the security bulletin at https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03912en_us.  These security vulnerabilities are not unique to HPE servers.

Known Issues:

None


Version:2.64_10-17-2018(B) (30 Jan 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

Ver. 2.64(B) contains updates to the component packaging and is functionally equivalent to ver. 2.64. It is not necessary to upgrade with Revision B if a previous component Revision was used to upgrade the firmware to version 2.64.

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue is not unique to HPE servers. Please consult the following advisory for additional details.   https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00060570en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue only impacts systems configured with Intel Xeon 4600 v4 series processors. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML) when processor C-states are enabled. This issue does not exist when processor C-states are disabled. This issue is not unique to HPE servers.

Known Issues:

None

Enhancements

Added support for Microsoft Windows 2019. This System ROM is the minimum recommended version for use with this operating system version. This revision of the System ROM contains updated support for Windows 2019 when using the optional HPE TPM Module.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.64_10-17-2018 (6 Nov 2018)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue is not unique to HPE servers. Please consult the following advisory for additional details.   https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00060570en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue only impacts systems configured with Intel Xeon 4600 v4 series processors. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML) when processor C-states are enabled. This issue does not exist when processor C-states are disabled. This issue is not unique to HPE servers.

Known Issues:

None

Enhancements

Added support for Microsoft Windows 2019. This System ROM is the minimum recommended version for use with this operating system version. This revision of the System ROM contains updated support for Windows 2019 when using the optional HPE TPM Module.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.60_05-21-2018 (8 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None

Enhancements

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.56_01-22-2018 (23 Feb 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM addresses issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2.54_12-07-2017 (3 Jan 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

REMOVED - This version of the System ROM is NO LONGER AVAILABLE for download.

On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2.52_10-25-2017 (24 Oct 2017)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

This System ROM revision replaces the 2.50 revision. An issue was found with the 2.50 revision of the System ROM that may result in a system hang during boot with a messaging indicating “Memory Initialization - complete” with certain memory configurations. The 2.50 revision of the System ROM has been removed from the HPE Support Site. It is highly recommended that any customers using the 2.50 revision of the System ROM upgrade to the 2.52 revision or later.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where Processor Core Disable may not function properly, such as disabling the wrong number of cores, when Intel Xeon E5 v4 processors are installed in the system. This issue does not impact systems configured with Intel Xeon E5 v3 processors.

Addressed an issue where systems configured with a Honeywell LCNP4 card installed may stop responding during system boot.

Addressed an issue where the system may become unresponsive during system boot when an optional HPE Dual 8GB MicroSD USB device is installed with firmware version 202. This issue does not impact servers configured with an HPE Dual 8GB MicroSD USB device using revision of firmware 212 or later.

Known Issues:

None
Enhancements

Added support for Trusted Platform Module (TPM) 2.0 Firmware flash updates. For systems configured with the optional TPM 2.0 device, this is the minimum revision of the System ROM required to update TPM firmware.

Updated the HPE RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.40_02-17-2017 (12 Jul 2017)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

This revision contains updates to the component packaging.  It is not necessary to upgrade with this revision if the system ROM was previously upgraded to version 2.40_02-17-2017. To deploy this revision with Smart Update Manager, SUM 8.0.0 or later is required.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the system may become unresponsive during system boot when a third party USB 3.0 XHCI adapter card is installed in the server.

Addressed an issue where the system may properly indicate that a DIMM has experienced a high rate of corrected memory errors in the Integrated Management Log (IML), but the DIMM's status may incorrectly be reported in the iLO GUI as healthy. The iLO GUI will now report the DIMM's status as degraded.

Addressed an issue where the system may become unresponsive during system boot when a USB-based UPS is attached to the server USB ports. This issue only impacted a system when configured for legacy boot mode.

Addressed an issue where the system may not properly report and log errors to the Integrated Management Log (IML) detected on the optional HPE Dual SD Card option. This issue only impacted logging when the system performed a warm reset.

Known Issues:

None

Enhancements

Updated the system thermal logic to support the latest adapters.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.40_02-17-2017(B) (21 Apr 2017)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

Version 2.40_02-17-2017 (B) contains updates to the component packaging and is functionally equivalent to version 2.40_02-17-2017.  It is not necessary to upgrade with Revision B if the system ROM was previously upgraded to version 2.40_02-17-2017.

SUM version 7.6.0  or earlier should be used for deployment of 2.40_02-17-2017 (B).

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the system may become unresponsive during system boot when a third party USB 3.0 XHCI adapter card is installed in the server.

Addressed an issue where the system may properly indicate that a DIMM has experienced a high rate of corrected memory errors in the Integrated Management Log (IML), but the DIMM's status may incorrectly be reported in the iLO GUI as healthy. The iLO GUI will now report the DIMM's status as degraded.

Addressed an issue where the system may become unresponsive during system boot when a USB-based UPS is attached to the server USB ports. This issue only impacted a system when configured for legacy boot mode.

Addressed an issue where the system may not properly report and log errors to the Integrated Management Log (IML) detected on the optional HPE Dual SD Card option. This issue only impacted logging when the system performed a warm reset.

Known Issues:

None

Enhancements

Updated the system thermal logic to support the latest adapters.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.30_09-12-2016 (21 Oct 2016)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a rare issue where fatal system errors may not be logged to the Integrated Management Log (IML) when an error occurs on any processor other than Processor 1.

Addressed an extremely rare issue where the system may receive a Red Screen error and become unresponsive during boot. This issue would not be seen if the ROM Based Setup Utility (RBSU) Option for Dynamic Power Calibration is set to Disabled (the default for this option is Auto which could result in this issue).

Addressed an issue where the system would become unresponsive during boot and display a NMI error when configured with an optional PCI Express device supporting older versions of the PCI Express specification.

Addressed an issue where the system may not perform optimally with certain memory intensive workloads when the BIOS Configurations/RBSU QPI Snoop Configuration option is configured for Cluster on Die mode with Intel Xeon E5-4600 v4 series processors. This issue does NOT impact systems configured with Intel Xeon E5-4600 v3 series processors or with other QPI Snoop configurations. This issue had a significant impact on the STREAM benchmark.

Known Issues:

None

Enhancements

Added support for HPE 128GB SmartMemory Load Reduced DIMMs (LRDIMMs).

Updated to the latest support modules for Intel Trusted eXecution Technology (TXT) including the Intel Authenticated Code Module (ACM) and Intel Secure Initialization (SINIT) module.

Updated the UEFI Secure Boot Key Database revocations list (DBX) with the latest version from Microsoft. This includes the latest list of revoked certificates.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.20_05-05-2016 (9 Jun 2016)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a system that experiences an HPE Smart Storage Battery failure may become unresponsive when configured with iLO Firmware 2.40.  Note there is an issue where a system configured with Integrated Lights-Out (iLO) Firmware version 2.40 may experience an intermittent and false HPE Smart Storage Battery failure, logged in the Integrated Management Log (IML).  Due to the BIOS issue addressed in this revision, the false HPE Smart Storage Battery failure may result in the system becoming unresponsive.  This issue does not impact systems that are not configured with an HPE Smart Storage Battery or systems configured with iLO Firmware 2.30 or earlier.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) USB Boot Options setting may not properly allow the server to boot from the internal SD card before a USB key when SD is higher in the priority list. This issue only affects servers configured in Legacy Boot Mode.

Addressed an issue where the ambient temperature reported by the system during server boot may report incorrectly. This issue also requires an iLO firmware version update to a revision later than 2.4x which will be released later this year. This issue has no impact on the thermal operation of the server and is simply an issue with the temperature displayed during boot. While updating to this revision of the BIOS will not address this issue unless the iLO FW revision is later than 2.4x, there are no issues caused by updating the BIOS without updating iLO FW.

Addressed an issue where the UEFI or Legacy Option ROM for a PCIe adapter may not be properly executed when installed in certain slots. This could cause such issues as an inability to boot using the PCIe adapter. This issue was seen with a Brocade network adapter but could be seen with other adapters.

Addressed an issue where the server health LED may remain set in a degraded or failed state after an error event was resolved during server operation. Previously, a server reset may have been needed to clear the health LED event.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) option for Embedded UEFI Shell Auto Startup Script Network Location does not accept an NSH file name containing upper case characters.

Addressed an issue where the UEFI iSCSI Software Initiator boot options may become invalid if the DHCP server provides a new IP Address to a previously configured iSCSI boot option.

Addressed an issue where the system may become unresponsive during boot when configured with a HPE Dual microSD device when one of the microSD devices is failed or missing.

Addressed an issue where the server may assign incorrect ACPI NUMA proximity allocations for servers configured with two or more processors and with memory only attached to a single processor socket potentially leading to non-optimal performance. This issue does not impact servers with memory configured on multiple processors.

Addressed an issue where the Automatic Server Recovery (ASR) setting may not be configured properly through the HP RESTful API.

Addressed an issue where the internal SD card would remain active after the user has disabled the SD slot from System Utilities BIOS/Platform Configuration (RBSU) option. This issue only affects systems configured in Legacy Boot Mode.

Addressed an issue where the server may become unresponsive when using the PING command from the Embedded UEFI Shell.

Addressed an issue where the UEFI iSCSI Software Initiator boot options may become invalid if the DHCP server provides a new IP Address to a previously configured iSCSI boot option.

Addressed an issue where the system may fail to boot from existing UEFI iSCSI Software Initiator boot options if the user changed the iSCSI Target IP address.

Addressed an issue where the system may fail to boot from UEFI iSCSI Software Initiator boot options that has iSCSI Initiator or Target configured using static IPv6 addresses.

Addressed an issue where the UEFI iSCSI Software Initiator boot option IPv6 address cannot be configured using the HP RESTful API.

Addressed an issue that may result in losing the existing UEFI iSCSI Software Initiator boot options if any of the connection parameters (LUN, Remote Port, IP address, login credentials) change.

Addressed an issue in reporting the incorrect PCIe slot number in the error messages of failed iSCSI boot attempts.

Addressed an issue of iSCSI boot configuration options not being available from the HP RESTful API when there are no network adapters in the system.

Addressed an extremely rare issue where the server may become unresponsive due to a Non Maskable Interrupt (NMI) when performing a shutdown or startup from an Operating System.

Known Issues:

None

Enhancements

Added support for Intel Xeon E5-4600 v4 series processors.

Added support for 128GB Load Reduced DIMMs (LRDIMM).

Enhanced PCIe resource allocation so that systems configured with multiple PCIe expansion devices may in some cases no longer report a "276 Option Card Configuration Error" during system boot due to not having enough I/O resources to support what is requested by the installed devices. This BIOS revision allows a wider range of PCIe configurations that request large amounts of I/O to be configured properly.

Updated the UEFI Secure Boot revocations list (DBX) with the latest copy from Microsoft.

Updated to the latest support modules for Intel Trusted eXecution Technology (TXT) including the Intel Authenticated Code Module (ACM) and Intel Secure Initialization (SINIT) module.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Updated the UEFI Secure Boot Key Database revocations list (DBX) with the latest version from Microsoft. This includes the latest list of revoked certificates.

Updated the language translations (non-English modes) for System Utilities.

Increased the default timeout value of the iSCSI UEFI Software Initiator boot to 20 seconds. This may help resolve issues of intermittent connection drop during an iSCSI boot.


Version:1.60_10-29-2015 (1 Apr 2016)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the user may not be able to properly download an Active Health Systems (AHS) file from System Utilities or the Embedded UEFI Shell when certain date ranges were used.

Addressed an issue where a system configured with a Trusted Platform Module (TPM) may improperly measure an extra EV_SEPARATOR into the TPM PCR7.

Addressed an issue where the Active Health System (AHS) file could not be downloaded to the embedded SD card from the Embedded UEFI Shell.

Addressed issues with USB support in the pre-boot environment when the system is configured in Legacy Boot Mode. These issues did not affect systems configured in UEFI Boot Mode.

Addressed an issue where certain optional PCIe video adapters would fail to work properly when using a Linux operating system.

Addressed an issue where industry standard SMBIOS Type 9 entries for PCIe Slots attached to a not installed processor did not exist.

Addressed an issue where the UEFI iSCSI Boot Configuration may not work properly when configuring these options through the HP RESTful Interface. This issue does not affect systems where the UEFI iSCSI Boot Configuration is configured through the System Utilities BIOS/Platform Configuration (RBSU).

Addressed an issue where the drives attached to an HP Smart Array controller may not be detected on the first boot after switching from UEFI Boot Mode to Legacy Boot Mode.

Addressed an issue where the PXE Boot Policy does not function properly when the Network VLAN Configuration option is enabled. When Network VLAN Configuration is enabled, the server would always attempt to boot both iPV4 and iPV6 regardless of the PXE Boot Order Policy setting.

Addressed an issue where the server would display a Red Screen error and become unresponsive when exiting the System Utilities Embedded User Diagnostics when configured for Legacy Boot Mode. This issue does not impact systems configured for UEFI Boot Mode.

Addressed an issue where the HP ProLiant Dynamic Power Regulator would not function properly when configured for Slow Mode. In rare cases, this could cause the system to not optimally switch processor power states.

Addressed an issue where the system may display a Red Screen error and become unresponsive from the Embedded UEFI Shell when interrupting the ping command via a CTRL-C key press.

Addressed an issue where the system may report a 335-HP RESTful API error after setting the BIOS Administrator password through the HP RESTful API.

Addressed an issue where the Date and Time may be set incorrectly when using the Date and Time option from the BIOS/Platform Configuration (RBSU) when the Daylight Savings Time option is enabled.

Addressed an issue where the server may display a Red Screen error and become unresponsive during boot when more than 256 hard drives are attached to a storage controller. The UEFI BIOS will now limit the enumeration of bootable devices to 256 entries.

Addressed an issue where video is not displayed when using the embedded video controller with certain newer monitors, such as the HP E190i, which do not properly operate in native resolutions such as 1280x1024.

Addressed an issue with the incorrect version of the HpServerBootSettings schema in the HP RESTful API.

Addressed an issue where the server could become unresponsive during boot or from the Embedded UEFI Shell when a Block I/O device such as a USB key or hard drive has a corrupt FAT32 file system.

Addressed an issue where an erroneous 312 - HP Smart Battery error message would be displayed and logged to the Integrated Management Log (IML) on the first boot after the system battery was removed from the server.

Addressed an issue where the UEFI or Legacy Option ROM for a PCIe adapter may not be properly executed when installed in certain slots. This could cause such issues as an inability to boot using the PCIe adapter. This issue was seen with a Brocade network adapter but could be seen with other adapters.

Addressed an issue where the server may not properly detect the HPE c-Class PCI Expansion Blade.

Removed the System Utilities BIOS/Platform Configuration (RBSU) Automatic Power-on Option for Restore Last Power State as this option is not supported by blade servers.

Known Issues:

None

Enhancements

Added support for an optional Trusted Platform Module (TPM) 2.0.

Added support to detect and log when memory performance may be degraded due to a high rate of correctable memory errors. When this condition is detected, a new Integrated Management Log (IML) message will be logged indicating a "High rate of corrected memory errors, performance may be degraded".

Added support to the Embedded UEFI Shell to allow the user to export Secure Boot certificates to a file.

Added support to automatically initialize the Trusted Platform Modules (TPM) nonvolatile storage when the TPM is first installed on a platform. This feature helps avoid issues where a TPM may be locked out from use to an operating system and requires the user to manually clear the TPM setting from the BIOS/Platform Configuration (RBSU) menus when first installed.

Updated branding during the boot process and in the pre-boot System Utilities from HP to Hewlett Packard Enterprise. No branding changes were made that could impact software running on the system. Industry standard SMBIOS tables were NOT updated to reflect Hewlett Packard Enterprise branding.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Added support to the HP RESTful API to allow the user to configure the UEFI boot order when the system is configured for Legacy Boot Mode.


Version:1.52_09-24-2015 (29 Sep 2015)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may experience Machine Check Exceptions or unexpected reboots under heavy load and high temperature. This issue is NOT unique to HP servers. HP recommends that users experiencing these issues update to this revision of the System ROM before replacing any hardware components.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) Dynamic Power Savings Mode Response Option when configured for Slow Mode may not efficiently switch processor performance modes resulting in lower than expected performance.

Addressed an issue where the Channel Interleaving option in the ROM Based Setup Utility (RBSU) did not function when configured for Disabled. Even when this option was configured to Disabled, Channel Interleaving would be enabled.

Addressed an issue where a server configured for UEFI boot mode may become unresponsive during boot when configured with an optional graphics controller that does not support UEFI boot mode. This issue does not affect systems configured in Legacy Boot Mode.

Addressed an issue in the HP RESTful API data model with the reporting of "EmbSasXBoot" and "SlotXStorageBoot" properties in the HpBiosMappings resource. The properties were not associated with the correct PCI devices for the embedded and optional storage controllers.

Addressed an issue where the server may become unresponsive during boot when configured with a very large number of disks such as fibre adapters.

Addressed an issue in the HP RESTful API BIOS support that resulted in internal HTTP sessions between BIOS and iLO left open during boot. This can result in the iLO Event Log indicating multiple events for HTTP session logins.

Addressed an issue where the system would become unresponsive during boot and display a NMI error when configured with an optional PCI Express device supporting older versions of the PCI Express specification.

Addressed an issue where the system would not reset configuration settings to defaults when using the Embedded UEFI Shell Sysconfig -d command.

Addressed an issue where the HP RESTful API and Embedded UEFI Shell description of the storage controller may begin with an instance of 2 instead of 1 when only one storage controller was installed in the server.

Addressed an issue where the system may fail to boot a Linux Operating System when using serial console redirection when the physical Serial Port is disabled and the iLO Virtual Serial Port is enabled.

Addressed an issue where a system configured for Legacy Boot Mode may become unresponsive during boot and display a NMI error when the Virtual Install Disk is enabled.

Addressed an issue where a system configured for UEFI Boot Mode with an optional PCI Express based USB 3.0 controller installed may not be able to properly load the USB driver under the operating system. This issue does not affect systems configured in Legacy Boot Mode.

Known Issues:

None
Enhancements

Added a Date and Time BIOS/Platform Configuration (RBSU) option to configure the Time Format. This option controls how the system date and time is stored in the Real Time Clock and presented to the operating system. By default, the time is formatted for Coordinated Universal Time (UTC). The users may optionally change the time format to Local Time which removes the use of the time zone. This option may be used to work around interaction issues between the system and Microsoft Windows operating systems running in legacy boot mode that can result in the time to be incorrect.

Added a new System Utilities BIOS/Platform Configuration (RBSU) IPv6 DHCP Unique Identifier menu that allows the user to select how the UEFI BIOS will use the DHCP Unique Identifier (DUID) for IPv6 PXE Boot. By default, the system will use the server's Unique Universal Identifier (UUID). The user can now optionally select to use the DUID-LLT as the unique identifier for PXE Boot. This setting applies when the server is configured to UEFI Boot Mode.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.50_07-20-2015 (10 Sep 2015)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


REMOVED - Version 1.50_07-20-2015 of the System ROM is NO LONGER AVAILABLE for download due to an issue that may result in Red Screen errors during boot for servers with HP FlexFabric 20Gb 2-port 650FLB Adapters  or HP FlexFabric 20Gb 2-port 650M Adapters installed with firmware revision 10.5.65.21 and an issue that may very rarely result in Red Screens during boot (even if the 650FLB or 650M Adapters are not installed).  Please use the replacement version 1.52_09-24-2015 or later versions.   Refer to HP Customer Advisory c04800262  for more details.

Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may experience Machine Check Exceptions or unexpected reboots under heavy load and high temperature. This issue is NOT unique to HP servers. HP recommends that users experiencing these issues update to this revision of the System ROM before replacing any hardware components.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) Dynamic Power Savings Mode Response Option when configured for Slow Mode may not efficiently switch processor performance modes resulting in lower than expected performance.

Addressed an issue where the system may not properly respond to error events from devices attached to certain PCI Express root ports.

Addressed an issue where the Channel Interleaving option in the ROM Based Setup Utility (RBSU) did not function when configured for Disabled. Even when this option was configured to Disabled, Channel Interleaving would be enabled.

Addressed an issue where a server configured for UEFI boot mode may become unresponsive during boot when configured with an optional graphics controller that does not support UEFI boot mode. This issue does not affect systems configured in Legacy Boot Mode.

Addressed an issue in the HP RESTful API data model with the reporting of "EmbSasXBoot" and "SlotXStorageBoot" properties in the HpBiosMappings resource. The properties were not associated with the correct PCI devices for the embedded and optional storage controllers.

Addressed an issue where the server may become unresponsive during boot when configured with a very large number of disks such as fibre adapters.

Addressed an issue in the HP RESTful API BIOS support that resulted in internal HTTP sessions between BIOS and iLO left open during boot. This can result in the iLO Event Log indicating multiple events for HTTP session logins.

Addressed an issue where the system would become unresponsive during boot and display a NMI error when configured with an optional PCI Express device supporting older versions of the PCI Express specification.

Addressed an issue where the system would not reset configuration settings to defaults when using the Embedded UEFI Shell Sysconfig -d command.

Addressed an issue where the HP RESTful API and Embedded UEFI Shell description of the storage controller may begin with an instance of 2 instead of 1 when only one storage controller was installed in the server.

Addressed an issue where the system may fail to boot a Linux Operating System when using serial console redirection when the physical Serial Port is disabled and the iLO Virtual Serial Port is enabled.

Addressed an issue where a system configured for Legacy Boot Mode may become unresponsive during boot and display a NMI error when the Virtual Install Disk is enabled.

Addressed an issue where a system configured for UEFI Boot Mode with an optional PCI Express based USB 3.0 controller installed may not be able to properly load the USB driver under the operating system. This issue does not affect systems configured in Legacy Boot Mode.

Known Issues:

None

Enhancements

REMOVED - Version 1.50_07-20-2015 of the System ROM is NO LONGER AVAILABLE for download due to an issue that may result in Red Screen errors during boot for servers with HP FlexFabric 20Gb 2-port 650FLB Adapters  or HP FlexFabric 20Gb 2-port 650M Adapters installed with firmware revision 10.5.65.21 and an issue that may very rarely result in Red Screens during boot (even if the 650FLB or 650M Adapters are not installed).  Please use the replacement version 1.52_09-24-2015 or later versions.   Refer to HP Customer Advisory c04800262  for more details.

Added a Date and Time BIOS/Platform Configuration (RBSU) option to configure the Time Format. This option controls how the system date and time is stored in the Real Time Clock and presented to the operating system. By default, the time is formatted for Coordinated Universal Time (UTC). The users may optionally change the time format to Local Time which removes the use of the time zone. This option may be used to work around interaction issues between the system and Microsoft Windows operating systems running in legacy boot mode that can result in the time to be incorrect.

Added a new System Utilities BIOS/Platform Configuration (RBSU) IPv6 DHCP Unique Identifier menu that allows the user to select how the UEFI BIOS will use the DHCP Unique Identifier (DUID) for IPv6 PXE Boot. By default, the system will use the server's Unique Universal Identifier (UUID). The user can now optionally select to use the DUID-LLT as the unique identifier for PXE Boot. This setting applies when the server is configured to UEFI Boot Mode.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.40_05-06-2015 (15 Jun 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the platform may become unresponsive during system boot when the server is configured for Legacy Boot Mode and the USB Boot Support has been disabled.

Addressed an issue where the Intel NIC DMA Channels (IOAT) option could not be properly be configured from the Embedded UEFI Shell via the Sysconfig command.

Addressed an issue where the +/- keys in the BIOS/Platform Configuration (RBSU) Boot Options menu were not functioning properly when configuring the server through a BIOS Serial Console Session.

Addressed an issue where the fwupdate Embedded UEFI Shell command and the Firmware Update pre-boot application could hang during a firmware update and not successfully flash the device.

Addressed an issue where the server may fail to boot properly to a Windows Deployment Server (WDS) when configured for IPv6 network boot mode.

Addressed an issue where an optional PCIe adapter's legacy Expansion ROM may not run properly or the Expansion ROM's Setup Utility may not run properly when the server is configured for Legacy Boot Mode. This issue was seen with a Seagate storage adapter but may impact other devices.

Addressed an issue where the Administrator Password would not be properly configured from the Embedded UEFI Shell Sysconfig command.

Addressed an issue where a system could become unresponsive when booting to Linux Operating when serial output was enabled from the operating system and the iLO Virtual Serial Port was the only enabled UART.

Addressed various issues with webclient and ftp commands in the Embedded UEFI Shell.

Addressed an issue in which an Interphase audio streaming PCI-express expansion card may not achieve optimal performance resulting in dropped packets when streaming data. A similar issue could be seen with other PCI-express expansion cards implemented with a PCI device behind a PLX PCIe-to-PCI bridge. This type of PCI-express card implementation is more common with older PCI-express expansion cards.

Addressed an issue where the system may experience a Linux kernel panic when booting from a SATA optical drive attached to the embedded SATA controller when the SATA controller is configured for Dynamic Smart Array B140i support.

Addressed an issue where the system health LED would remain blinking RED (indicating a failed state) due to a power supply failure after the power supply had been replaced. Once the power supply is replaced, the system health LED should have returned to the blinking GREEN state. With previous revisions of the System ROM, the system health LED would not return to GREEN until after a reboot when a failed power supply is replaced.

Addressed an issue where the system health LED would remain blinking AMBER (indicating a degraded state) due to an installed power supply not being plugged in after the power supply had been plugged in. Once the power supply is plugged in, the system health LED should have returned to the blinking GREEN state. With previous revisions of the System ROM, the system health LED would not return to GREEN until after a reboot when an unplugged power supply is plugged in.

Addressed an issue where a system may become unresponsive when launching a guest operating system under a Hypervisor operating system such as Citrix or VMware when VT-d is enabled. This issue is NOT unique to HP servers.

Addressed a possible issue where the platform may become unresponsive during POST when the user selects the Simplified Chinese language in System Utilities.

Known Issues:

None
Enhancements

Added a Server Security BIOS/Platform Configuration (RBSU) option to Enable or Disable "Processor AES-NI Support". This option enables or disables the Advanced Encryption Standard Instruction Set. The option is enabled by default and was enabled automatically with previous revisions of the BIOS.

Added support for UEFI iSCSI Software Initiator boot functionality. The iSCSI Software Initiator boot support can be enabled on any network card that is in Ethernet mode. The iSCSI network settings can be configured in the new System Utilities BIOS/Platform Configuration (RBSU) iSCSI Boot Configuration menu, as well as using the HP RESTful API HpiScsiSoftwareInititiator resource type. This option is only available in UEFI Boot Mode.

Added a BIOS/Platform Configuration (RBSU) Network Option for VLAN Configuration. This option allows the user to configure Virtual LAN (VLAN) settings for all network devices present in the system. This option is only available in UEFI Boot Mode.

Added a new System Utilities Embedded Applications Active Health System Log option. This option allows users to download Active Health System (AHS) Logs.

Added support for additional Storage Options to BIOS/Platform Configuration (RBSU). These new options allow the user to configure the number of boot targets that are listed per storage controller in the UEFI Boot Order. This option can be used to limit the number of boot targets to simplify the UEFI boot order and decrease boot time. These options are only available in UEFI Boot Mode.

Added pre-boot OHCI USB support. This will allow an optional PCIe USB controller, such as available on the Teradici PCoIP Zero Client card, to be functional in a pre-boot environment. This also adds support for booting from USB devices attached to optional PCIe OHCI USB controllers. Support for OHCI USB controllers should be available from operating system drivers when not in the pre-boot environment.

Added support for a new partitions command in the Embedded UEFI Shell. This command can be used to view all available drive partitions.

Added support for a new ahsdownload command in the Embedded UEFI Shell. This command can be used to download Active Health System (AHS) files.

Added support for a new restclient command in the Embedded UEFI Shell. This command can be used to configure the server through the HP RESTful services.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Updated the HPRESTful API support to report and set the default UEFI Boot Order settings using the HpServerBootOrder resource type.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API support for HpBios resource to rename "SecureBoot" property to "SecureBootStatus" to avoid conflict with the "SecureBoot" property in HpSecureBoot resource. This change will impact any scripts written with a dependency on the "SecureBoot" property in the HpBios resource.

Updated the System Utilities BIOS/Platform Configuration (RBSU) Fibre Channel/FCoE Scan Policy option to default to Scan Configured Targets only. Previous revisions of the System ROM defaulted to scanning all targets.

Enhanced the thermal solution to provide proper cooling for optional PCIe graphics and acceleration cards.

Enhanced the System Utilities System Information and the Embedded UEFI Shell sysinfo command to provide additional details for the processor, memory, PCI subsections. In addition, added a new Firmware Information menu to System Information to provide a list of current firmware revisions for supported components.

Reduced boot time when the Dynamic Smart Array B140i RAID is enabled.

Added a new Server Availability BIOS/Platform Configuration (RBSU) Automatic Power On configuration option setting. This option allows the user to configure the power on policy of the server when power is first applied. The options are Enabled to allow the server to automatically power on when first installed into the enclosure or Disabled to allow the server to remain powered off when first installed into the enclosure.


Version:1.30_03-05-2015(B) (3 Jun 2015)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

This is the initial version of the firmware.

Known Issues:

None

Type: BIOS (Entitlement Required) - System ROM
Version: 2.60_05-21-2018(8 Jun 2018)
Operating System(s):
Oracle Linux 6 (AMD64/EMT64)
Oracle Linux 7
Red Hat Enterprise Linux 6 Server (x86-64)
Red Hat Enterprise Linux 7 Server
SUSE Linux Enterprise Server 11 (AMD64/EM64T)
SUSE Linux Enterprise Server 12

Description

This component provides updated system firmware that can be installed directly on supported Operating Systems. Additionally, when used in conjunction with Smart Update Manager (SUM) and Insight Control for VMware vCenter, this Component allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

Enhancements

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Installation Instructions

Prerequisites:

The "HPE ProLiant iLO 3/4 Channel Interface Driver” (CHIF) for Linux  which is integrated into the standard Linux kernel.


To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

73f0d637e95c368d8e2a413e26aa3078700934c97f8cbe45402e3877c6682bbe RPMS/i386/firmware-system-i38-2.60_2018_05_21-1.1.i386.rpm

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

IMPORTANT: This component will fail if it is unable to communicate with iLO.  This can occur if HPE ProLiant Agentless Management Service (AMS) and HPE SNMP Agents (SNMP Agents) are both running.  HPE does not recommend running AMS and the SNMP Agents at the same time.  If an "iLO device not found" error occurs, stop AMS or the SNMP Agents, and run the flash component again.


To update firmware from Linux operating system on target server:
 
Install the RPM package
> rpm -Uvh <filename>.rpm
 
See where the files land
> rpm -qlp <filename>.rpm
 
Change to the directory you see in the previous step and run hpsetup by typing ‘./hpsetup’ at the command prompt.


Supplemental updates for supported ProLiant servers and options can be done by using Smart Update Manager 8.0.0 or later, which is found on the Service Pack for ProLiant ISO.

  • Place the Service Pack for ProLiant on a USB key using the USB Key Creator Utility.
  • Place the desired components to be updated in the directory, \packages on the USB key.

Update the firmware and software in the usual manner.


Release Notes

End User License Agreements:
The MIT License Agreement
OpenSSL License Agreement, Version 0.9.8
PNG Graphics File Format Software End User License Agreement
UEFI EDK2 License
zlib End User License Agreement
HPE Software License Agreement v1


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HPE ProLiant BL660c Gen9 System ROM - I38

Release Version:

2.60_05-21-2018

Last Recommended or Critical Revision:

2.60_05-21-2018

Previous Revision:

2.56_01-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None


Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None

Important

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HPE ProLiant BL660c Gen9 System ROM - I38

Release Version:

2.60_05-21-2018

Last Recommended or Critical Revision:

2.60_05-21-2018

Previous Revision:

2.56_01-22-2018

Firmware Dependencies:

None

Enhancements/New Features:

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None

Revision History

Version:2.72_03-25-2019 (1 May 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.

Known Issues:

None


Version:2.70_12-29-2018 (14 Mar 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the UEFI EDK2 support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2018-3613 CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735, CVE-2018-3630, CVE-2018-12178, CVE-2018-12179, CVE-2018-12180, CVE-2018-12181, CVE-2018-12182, CVE-2018-12183, CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204 and CVE-2018-12205. For additional information please refer to the security bulletin at https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03912en_us.  These security vulnerabilities are not unique to HPE servers.

Known Issues:

None


Version:2.64_10-17-2018(B) (30 Jan 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

Ver. 2.64(B) contains updates to the component packaging and is functionally equivalent to ver. 2.64. It is not necessary to upgrade with Revision B if a previous component Revision was used to upgrade the firmware to version 2.64.

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue is not unique to HPE servers. Please consult the following advisory for additional details.   https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00060570en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue only impacts systems configured with Intel Xeon 4600 v4 series processors. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML) when processor C-states are enabled. This issue does not exist when processor C-states are disabled. This issue is not unique to HPE servers.

Known Issues:

None

Enhancements

Added support for Microsoft Windows 2019. This System ROM is the minimum recommended version for use with this operating system version. This revision of the System ROM contains updated support for Windows 2019 when using the optional HPE TPM Module.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.64_10-17-2018 (6 Nov 2018)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue is not unique to HPE servers. Please consult the following advisory for additional details.   https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00060570en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML). This issue only impacts systems configured with Intel Xeon 4600 v4 series processors. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which addresses an issue where the system could experience an unexpected reset or shutdown with no errors logged to the Integrated Management Log (IML) when processor C-states are enabled. This issue does not exist when processor C-states are disabled. This issue is not unique to HPE servers.

Known Issues:

None

Enhancements

Added support for Microsoft Windows 2019. This System ROM is the minimum recommended version for use with this operating system version. This revision of the System ROM contains updated support for Windows 2019 when using the optional HPE TPM Module.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.60_05-21-2018 (8 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where uncorrectable Quick Path Interlink (QPI) errors would not be reported properly and logged to the Integrated Management Log. Previously, the system would become unresponsive during boot with no indication of a failure.

Addressed an issue where systems configured Intel Xeon E5-2600 v4 processors and 64GB LRDIMMs may experience a Machine Check Exception or NMI event when under heavy stress. This issue is not unique to HPE Servers.

Addressed an issue where the HPE RESTful settings for Software Initiator iSCSI may not be available in the resource registry.

Known Issues:

None

Enhancements

Added support to allow for the ROM Based Setup Utility (RBSU) Power Regulator setting to be set to Static Low or OS Control Mode when the Processor Power and Utilization Support was disabled. Previous ROMs required the Power Regulator to be configured for Static High Mode only.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.56_01-22-2018 (23 Feb 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM addresses issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2.54_12-07-2017 (3 Jan 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

REMOVED - This version of the System ROM is NO LONGER AVAILABLE for download.

On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2.52_10-25-2017 (24 Oct 2017)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

This System ROM revision replaces the 2.50 revision. An issue was found with the 2.50 revision of the System ROM that may result in a system hang during boot with a messaging indicating “Memory Initialization - complete” with certain memory configurations. The 2.50 revision of the System ROM has been removed from the HPE Support Site. It is highly recommended that any customers using the 2.50 revision of the System ROM upgrade to the 2.52 revision or later.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where Processor Core Disable may not function properly, such as disabling the wrong number of cores, when Intel Xeon E5 v4 processors are installed in the system. This issue does not impact systems configured with Intel Xeon E5 v3 processors.

Addressed an issue where systems configured with a Honeywell LCNP4 card installed may stop responding during system boot.

Addressed an issue where the system may become unresponsive during system boot when an optional HPE Dual 8GB MicroSD USB device is installed with firmware version 202. This issue does not impact servers configured with an HPE Dual 8GB MicroSD USB device using revision of firmware 212 or later.

Known Issues:

None
Enhancements

Added support for Trusted Platform Module (TPM) 2.0 Firmware flash updates. For systems configured with the optional TPM 2.0 device, this is the minimum revision of the System ROM required to update TPM firmware.

Updated the HPE RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.40_02-17-2017 (12 Jul 2017)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

This revision contains updates to the component packaging.  It is not necessary to upgrade with this revision if the system ROM was previously upgraded to version 2.40_02-17-2017. To deploy this revision with Smart Update Manager, SUM 8.0.0 or later is required.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the system may become unresponsive during system boot when a third party USB 3.0 XHCI adapter card is installed in the server.

Addressed an issue where the system may properly indicate that a DIMM has experienced a high rate of corrected memory errors in the Integrated Management Log (IML), but the DIMM's status may incorrectly be reported in the iLO GUI as healthy. The iLO GUI will now report the DIMM's status as degraded.

Addressed an issue where the system may become unresponsive during system boot when a USB-based UPS is attached to the server USB ports. This issue only impacted a system when configured for legacy boot mode.

Addressed an issue where the system may not properly report and log errors to the Integrated Management Log (IML) detected on the optional HPE Dual SD Card option. This issue only impacted logging when the system performed a warm reset.

Known Issues:

None

Enhancements

Updated the system thermal logic to support the latest adapters.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.40_02-17-2017(B) (21 Apr 2017)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

Version 2.40_02-17-2017 (B) contains updates to the component packaging and is functionally equivalent to version 2.40_02-17-2017.  It is not necessary to upgrade with Revision B if the system ROM was previously upgraded to version 2.40_02-17-2017.

SUM version 7.6.0  or earlier should be used for deployment of 2.40_02-17-2017 (B).

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the system may become unresponsive during system boot when a third party USB 3.0 XHCI adapter card is installed in the server.

Addressed an issue where the system may properly indicate that a DIMM has experienced a high rate of corrected memory errors in the Integrated Management Log (IML), but the DIMM's status may incorrectly be reported in the iLO GUI as healthy. The iLO GUI will now report the DIMM's status as degraded.

Addressed an issue where the system may become unresponsive during system boot when a USB-based UPS is attached to the server USB ports. This issue only impacted a system when configured for legacy boot mode.

Addressed an issue where the system may not properly report and log errors to the Integrated Management Log (IML) detected on the optional HPE Dual SD Card option. This issue only impacted logging when the system performed a warm reset.

Known Issues:

None

Enhancements

Updated the system thermal logic to support the latest adapters.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.30_09-12-2016 (21 Oct 2016)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a rare issue where fatal system errors may not be logged to the Integrated Management Log (IML) when an error occurs on any processor other than Processor 1.

Addressed an extremely rare issue where the system may receive a Red Screen error and become unresponsive during boot. This issue would not be seen if the ROM Based Setup Utility (RBSU) Option for Dynamic Power Calibration is set to Disabled (the default for this option is Auto which could result in this issue).

Addressed an issue where the system would become unresponsive during boot and display a NMI error when configured with an optional PCI Express device supporting older versions of the PCI Express specification.

Addressed an issue where the system may not perform optimally with certain memory intensive workloads when the BIOS Configurations/RBSU QPI Snoop Configuration option is configured for Cluster on Die mode with Intel Xeon E5-4600 v4 series processors. This issue does NOT impact systems configured with Intel Xeon E5-4600 v3 series processors or with other QPI Snoop configurations. This issue had a significant impact on the STREAM benchmark.

Known Issues:

None

Enhancements

Added support for HPE 128GB SmartMemory Load Reduced DIMMs (LRDIMMs).

Updated to the latest support modules for Intel Trusted eXecution Technology (TXT) including the Intel Authenticated Code Module (ACM) and Intel Secure Initialization (SINIT) module.

Updated the UEFI Secure Boot Key Database revocations list (DBX) with the latest version from Microsoft. This includes the latest list of revoked certificates.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:2.20_05-05-2016 (9 Jun 2016)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a system that experiences an HPE Smart Storage Battery failure may become unresponsive when configured with iLO Firmware 2.40.  Note there is an issue where a system configured with Integrated Lights-Out (iLO) Firmware version 2.40 may experience an intermittent and false HPE Smart Storage Battery failure, logged in the Integrated Management Log (IML).  Due to the BIOS issue addressed in this revision, the false HPE Smart Storage Battery failure may result in the system becoming unresponsive.  This issue does not impact systems that are not configured with an HPE Smart Storage Battery or systems configured with iLO Firmware 2.30 or earlier.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) USB Boot Options setting may not properly allow the server to boot from the internal SD card before a USB key when SD is higher in the priority list. This issue only affects servers configured in Legacy Boot Mode.

Addressed an issue where the ambient temperature reported by the system during server boot may report incorrectly. This issue also requires an iLO firmware version update to a revision later than 2.4x which will be released later this year. This issue has no impact on the thermal operation of the server and is simply an issue with the temperature displayed during boot. While updating to this revision of the BIOS will not address this issue unless the iLO FW revision is later than 2.4x, there are no issues caused by updating the BIOS without updating iLO FW.

Addressed an issue where the UEFI or Legacy Option ROM for a PCIe adapter may not be properly executed when installed in certain slots. This could cause such issues as an inability to boot using the PCIe adapter. This issue was seen with a Brocade network adapter but could be seen with other adapters.

Addressed an issue where the server health LED may remain set in a degraded or failed state after an error event was resolved during server operation. Previously, a server reset may have been needed to clear the health LED event.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) option for Embedded UEFI Shell Auto Startup Script Network Location does not accept an NSH file name containing upper case characters.

Addressed an issue where the UEFI iSCSI Software Initiator boot options may become invalid if the DHCP server provides a new IP Address to a previously configured iSCSI boot option.

Addressed an issue where the system may become unresponsive during boot when configured with a HPE Dual microSD device when one of the microSD devices is failed or missing.

Addressed an issue where the server may assign incorrect ACPI NUMA proximity allocations for servers configured with two or more processors and with memory only attached to a single processor socket potentially leading to non-optimal performance. This issue does not impact servers with memory configured on multiple processors.

Addressed an issue where the Automatic Server Recovery (ASR) setting may not be configured properly through the HP RESTful API.

Addressed an issue where the internal SD card would remain active after the user has disabled the SD slot from System Utilities BIOS/Platform Configuration (RBSU) option. This issue only affects systems configured in Legacy Boot Mode.

Addressed an issue where the server may become unresponsive when using the PING command from the Embedded UEFI Shell.

Addressed an issue where the UEFI iSCSI Software Initiator boot options may become invalid if the DHCP server provides a new IP Address to a previously configured iSCSI boot option.

Addressed an issue where the system may fail to boot from existing UEFI iSCSI Software Initiator boot options if the user changed the iSCSI Target IP address.

Addressed an issue where the system may fail to boot from UEFI iSCSI Software Initiator boot options that has iSCSI Initiator or Target configured using static IPv6 addresses.

Addressed an issue where the UEFI iSCSI Software Initiator boot option IPv6 address cannot be configured using the HP RESTful API.

Addressed an issue that may result in losing the existing UEFI iSCSI Software Initiator boot options if any of the connection parameters (LUN, Remote Port, IP address, login credentials) change.

Addressed an issue in reporting the incorrect PCIe slot number in the error messages of failed iSCSI boot attempts.

Addressed an issue of iSCSI boot configuration options not being available from the HP RESTful API when there are no network adapters in the system.

Addressed an extremely rare issue where the server may become unresponsive due to a Non Maskable Interrupt (NMI) when performing a shutdown or startup from an Operating System.

Known Issues:

None

Enhancements

Added support for Intel Xeon E5-4600 v4 series processors.

Added support for 128GB Load Reduced DIMMs (LRDIMM).

Enhanced PCIe resource allocation so that systems configured with multiple PCIe expansion devices may in some cases no longer report a "276 Option Card Configuration Error" during system boot due to not having enough I/O resources to support what is requested by the installed devices. This BIOS revision allows a wider range of PCIe configurations that request large amounts of I/O to be configured properly.

Updated the UEFI Secure Boot revocations list (DBX) with the latest copy from Microsoft.

Updated to the latest support modules for Intel Trusted eXecution Technology (TXT) including the Intel Authenticated Code Module (ACM) and Intel Secure Initialization (SINIT) module.

Updated the HP RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Updated the UEFI Secure Boot Key Database revocations list (DBX) with the latest version from Microsoft. This includes the latest list of revoked certificates.

Updated the language translations (non-English modes) for System Utilities.

Increased the default timeout value of the iSCSI UEFI Software Initiator boot to 20 seconds. This may help resolve issues of intermittent connection drop during an iSCSI boot.


Version:1.60_10-29-2015 (1 Apr 2016)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the user may not be able to properly download an Active Health Systems (AHS) file from System Utilities or the Embedded UEFI Shell when certain date ranges were used.

Addressed an issue where a system configured with a Trusted Platform Module (TPM) may improperly measure an extra EV_SEPARATOR into the TPM PCR7.

Addressed an issue where the Active Health System (AHS) file could not be downloaded to the embedded SD card from the Embedded UEFI Shell.

Addressed issues with USB support in the pre-boot environment when the system is configured in Legacy Boot Mode. These issues did not affect systems configured in UEFI Boot Mode.

Addressed an issue where certain optional PCIe video adapters would fail to work properly when using a Linux operating system.

Addressed an issue where industry standard SMBIOS Type 9 entries for PCIe Slots attached to a not installed processor did not exist.

Addressed an issue where the UEFI iSCSI Boot Configuration may not work properly when configuring these options through the HP RESTful Interface. This issue does not affect systems where the UEFI iSCSI Boot Configuration is configured through the System Utilities BIOS/Platform Configuration (RBSU).

Addressed an issue where the drives attached to an HP Smart Array controller may not be detected on the first boot after switching from UEFI Boot Mode to Legacy Boot Mode.

Addressed an issue where the PXE Boot Policy does not function properly when the Network VLAN Configuration option is enabled. When Network VLAN Configuration is enabled, the server would always attempt to boot both iPV4 and iPV6 regardless of the PXE Boot Order Policy setting.

Addressed an issue where the server would display a Red Screen error and become unresponsive when exiting the System Utilities Embedded User Diagnostics when configured for Legacy Boot Mode. This issue does not impact systems configured for UEFI Boot Mode.

Addressed an issue where the HP ProLiant Dynamic Power Regulator would not function properly when configured for Slow Mode. In rare cases, this could cause the system to not optimally switch processor power states.

Addressed an issue where the system may display a Red Screen error and become unresponsive from the Embedded UEFI Shell when interrupting the ping command via a CTRL-C key press.

Addressed an issue where the system may report a 335-HP RESTful API error after setting the BIOS Administrator password through the HP RESTful API.

Addressed an issue where the Date and Time may be set incorrectly when using the Date and Time option from the BIOS/Platform Configuration (RBSU) when the Daylight Savings Time option is enabled.

Addressed an issue where the server may display a Red Screen error and become unresponsive during boot when more than 256 hard drives are attached to a storage controller. The UEFI BIOS will now limit the enumeration of bootable devices to 256 entries.

Addressed an issue where video is not displayed when using the embedded video controller with certain newer monitors, such as the HP E190i, which do not properly operate in native resolutions such as 1280x1024.

Addressed an issue with the incorrect version of the HpServerBootSettings schema in the HP RESTful API.

Addressed an issue where the server could become unresponsive during boot or from the Embedded UEFI Shell when a Block I/O device such as a USB key or hard drive has a corrupt FAT32 file system.

Addressed an issue where an erroneous 312 - HP Smart Battery error message would be displayed and logged to the Integrated Management Log (IML) on the first boot after the system battery was removed from the server.

Addressed an issue where the UEFI or Legacy Option ROM for a PCIe adapter may not be properly executed when installed in certain slots. This could cause such issues as an inability to boot using the PCIe adapter. This issue was seen with a Brocade network adapter but could be seen with other adapters.

Addressed an issue where the server may not properly detect the HPE c-Class PCI Expansion Blade.

Removed the System Utilities BIOS/Platform Configuration (RBSU) Automatic Power-on Option for Restore Last Power State as this option is not supported by blade servers.

Known Issues:

None

Enhancements

Added support for an optional Trusted Platform Module (TPM) 2.0.

Added support to detect and log when memory performance may be degraded due to a high rate of correctable memory errors. When this condition is detected, a new Integrated Management Log (IML) message will be logged indicating a "High rate of corrected memory errors, performance may be degraded".

Added support to the Embedded UEFI Shell to allow the user to export Secure Boot certificates to a file.

Added support to automatically initialize the Trusted Platform Modules (TPM) nonvolatile storage when the TPM is first installed on a platform. This feature helps avoid issues where a TPM may be locked out from use to an operating system and requires the user to manually clear the TPM setting from the BIOS/Platform Configuration (RBSU) menus when first installed.

Updated branding during the boot process and in the pre-boot System Utilities from HP to Hewlett Packard Enterprise. No branding changes were made that could impact software running on the system. Industry standard SMBIOS tables were NOT updated to reflect Hewlett Packard Enterprise branding.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Added support to the HP RESTful API to allow the user to configure the UEFI boot order when the system is configured for Legacy Boot Mode.


Version:1.52_09-24-2015 (29 Sep 2015)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may experience Machine Check Exceptions or unexpected reboots under heavy load and high temperature. This issue is NOT unique to HP servers. HP recommends that users experiencing these issues update to this revision of the System ROM before replacing any hardware components.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) Dynamic Power Savings Mode Response Option when configured for Slow Mode may not efficiently switch processor performance modes resulting in lower than expected performance.

Addressed an issue where the Channel Interleaving option in the ROM Based Setup Utility (RBSU) did not function when configured for Disabled. Even when this option was configured to Disabled, Channel Interleaving would be enabled.

Addressed an issue where a server configured for UEFI boot mode may become unresponsive during boot when configured with an optional graphics controller that does not support UEFI boot mode. This issue does not affect systems configured in Legacy Boot Mode.

Addressed an issue in the HP RESTful API data model with the reporting of "EmbSasXBoot" and "SlotXStorageBoot" properties in the HpBiosMappings resource. The properties were not associated with the correct PCI devices for the embedded and optional storage controllers.

Addressed an issue where the server may become unresponsive during boot when configured with a very large number of disks such as fibre adapters.

Addressed an issue in the HP RESTful API BIOS support that resulted in internal HTTP sessions between BIOS and iLO left open during boot. This can result in the iLO Event Log indicating multiple events for HTTP session logins.

Addressed an issue where the system would become unresponsive during boot and display a NMI error when configured with an optional PCI Express device supporting older versions of the PCI Express specification.

Addressed an issue where the system would not reset configuration settings to defaults when using the Embedded UEFI Shell Sysconfig -d command.

Addressed an issue where the HP RESTful API and Embedded UEFI Shell description of the storage controller may begin with an instance of 2 instead of 1 when only one storage controller was installed in the server.

Addressed an issue where the system may fail to boot a Linux Operating System when using serial console redirection when the physical Serial Port is disabled and the iLO Virtual Serial Port is enabled.

Addressed an issue where a system configured for Legacy Boot Mode may become unresponsive during boot and display a NMI error when the Virtual Install Disk is enabled.

Addressed an issue where a system configured for UEFI Boot Mode with an optional PCI Express based USB 3.0 controller installed may not be able to properly load the USB driver under the operating system. This issue does not affect systems configured in Legacy Boot Mode.

Known Issues:

None
Enhancements

Added a Date and Time BIOS/Platform Configuration (RBSU) option to configure the Time Format. This option controls how the system date and time is stored in the Real Time Clock and presented to the operating system. By default, the time is formatted for Coordinated Universal Time (UTC). The users may optionally change the time format to Local Time which removes the use of the time zone. This option may be used to work around interaction issues between the system and Microsoft Windows operating systems running in legacy boot mode that can result in the time to be incorrect.

Added a new System Utilities BIOS/Platform Configuration (RBSU) IPv6 DHCP Unique Identifier menu that allows the user to select how the UEFI BIOS will use the DHCP Unique Identifier (DUID) for IPv6 PXE Boot. By default, the system will use the server's Unique Universal Identifier (UUID). The user can now optionally select to use the DUID-LLT as the unique identifier for PXE Boot. This setting applies when the server is configured to UEFI Boot Mode.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.50_07-20-2015 (10 Sep 2015)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


REMOVED - Version 1.50_07-20-2015 of the System ROM is NO LONGER AVAILABLE for download due to an issue that may result in Red Screen errors during boot for servers with HP FlexFabric 20Gb 2-port 650FLB Adapters  or HP FlexFabric 20Gb 2-port 650M Adapters installed with firmware revision 10.5.65.21 and an issue that may very rarely result in Red Screens during boot (even if the 650FLB or 650M Adapters are not installed).  Please use the replacement version 1.52_09-24-2015 or later versions.   Refer to HP Customer Advisory c04800262  for more details.

Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may experience Machine Check Exceptions or unexpected reboots under heavy load and high temperature. This issue is NOT unique to HP servers. HP recommends that users experiencing these issues update to this revision of the System ROM before replacing any hardware components.

Addressed an issue where the System Utilities BIOS/Platform Configuration (RBSU) Dynamic Power Savings Mode Response Option when configured for Slow Mode may not efficiently switch processor performance modes resulting in lower than expected performance.

Addressed an issue where the system may not properly respond to error events from devices attached to certain PCI Express root ports.

Addressed an issue where the Channel Interleaving option in the ROM Based Setup Utility (RBSU) did not function when configured for Disabled. Even when this option was configured to Disabled, Channel Interleaving would be enabled.

Addressed an issue where a server configured for UEFI boot mode may become unresponsive during boot when configured with an optional graphics controller that does not support UEFI boot mode. This issue does not affect systems configured in Legacy Boot Mode.

Addressed an issue in the HP RESTful API data model with the reporting of "EmbSasXBoot" and "SlotXStorageBoot" properties in the HpBiosMappings resource. The properties were not associated with the correct PCI devices for the embedded and optional storage controllers.

Addressed an issue where the server may become unresponsive during boot when configured with a very large number of disks such as fibre adapters.

Addressed an issue in the HP RESTful API BIOS support that resulted in internal HTTP sessions between BIOS and iLO left open during boot. This can result in the iLO Event Log indicating multiple events for HTTP session logins.

Addressed an issue where the system would become unresponsive during boot and display a NMI error when configured with an optional PCI Express device supporting older versions of the PCI Express specification.

Addressed an issue where the system would not reset configuration settings to defaults when using the Embedded UEFI Shell Sysconfig -d command.

Addressed an issue where the HP RESTful API and Embedded UEFI Shell description of the storage controller may begin with an instance of 2 instead of 1 when only one storage controller was installed in the server.

Addressed an issue where the system may fail to boot a Linux Operating System when using serial console redirection when the physical Serial Port is disabled and the iLO Virtual Serial Port is enabled.

Addressed an issue where a system configured for Legacy Boot Mode may become unresponsive during boot and display a NMI error when the Virtual Install Disk is enabled.

Addressed an issue where a system configured for UEFI Boot Mode with an optional PCI Express based USB 3.0 controller installed may not be able to properly load the USB driver under the operating system. This issue does not affect systems configured in Legacy Boot Mode.

Known Issues:

None

Enhancements

REMOVED - Version 1.50_07-20-2015 of the System ROM is NO LONGER AVAILABLE for download due to an issue that may result in Red Screen errors during boot for servers with HP FlexFabric 20Gb 2-port 650FLB Adapters  or HP FlexFabric 20Gb 2-port 650M Adapters installed with firmware revision 10.5.65.21 and an issue that may very rarely result in Red Screens during boot (even if the 650FLB or 650M Adapters are not installed).  Please use the replacement version 1.52_09-24-2015 or later versions.   Refer to HP Customer Advisory c04800262  for more details.

Added a Date and Time BIOS/Platform Configuration (RBSU) option to configure the Time Format. This option controls how the system date and time is stored in the Real Time Clock and presented to the operating system. By default, the time is formatted for Coordinated Universal Time (UTC). The users may optionally change the time format to Local Time which removes the use of the time zone. This option may be used to work around interaction issues between the system and Microsoft Windows operating systems running in legacy boot mode that can result in the time to be incorrect.

Added a new System Utilities BIOS/Platform Configuration (RBSU) IPv6 DHCP Unique Identifier menu that allows the user to select how the UEFI BIOS will use the DHCP Unique Identifier (DUID) for IPv6 PXE Boot. By default, the system will use the server's Unique Universal Identifier (UUID). The user can now optionally select to use the DUID-LLT as the unique identifier for PXE Boot. This setting applies when the server is configured to UEFI Boot Mode.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.


Version:1.40_05-06-2015 (15 Jun 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the platform may become unresponsive during system boot when the server is configured for Legacy Boot Mode and the USB Boot Support has been disabled.

Addressed an issue where the Intel NIC DMA Channels (IOAT) option could not be properly be configured from the Embedded UEFI Shell via the Sysconfig command.

Addressed an issue where the +/- keys in the BIOS/Platform Configuration (RBSU) Boot Options menu were not functioning properly when configuring the server through a BIOS Serial Console Session.

Addressed an issue where the fwupdate Embedded UEFI Shell command and the Firmware Update pre-boot application could hang during a firmware update and not successfully flash the device.

Addressed an issue where the server may fail to boot properly to a Windows Deployment Server (WDS) when configured for IPv6 network boot mode.

Addressed an issue where an optional PCIe adapter's legacy Expansion ROM may not run properly or the Expansion ROM's Setup Utility may not run properly when the server is configured for Legacy Boot Mode. This issue was seen with a Seagate storage adapter but may impact other devices.

Addressed an issue where the Administrator Password would not be properly configured from the Embedded UEFI Shell Sysconfig command.

Addressed an issue where a system could become unresponsive when booting to Linux Operating when serial output was enabled from the operating system and the iLO Virtual Serial Port was the only enabled UART.

Addressed various issues with webclient and ftp commands in the Embedded UEFI Shell.

Addressed an issue in which an Interphase audio streaming PCI-express expansion card may not achieve optimal performance resulting in dropped packets when streaming data. A similar issue could be seen with other PCI-express expansion cards implemented with a PCI device behind a PLX PCIe-to-PCI bridge. This type of PCI-express card implementation is more common with older PCI-express expansion cards.

Addressed an issue where the system may experience a Linux kernel panic when booting from a SATA optical drive attached to the embedded SATA controller when the SATA controller is configured for Dynamic Smart Array B140i support.

Addressed an issue where the system health LED would remain blinking RED (indicating a failed state) due to a power supply failure after the power supply had been replaced. Once the power supply is replaced, the system health LED should have returned to the blinking GREEN state. With previous revisions of the System ROM, the system health LED would not return to GREEN until after a reboot when a failed power supply is replaced.

Addressed an issue where the system health LED would remain blinking AMBER (indicating a degraded state) due to an installed power supply not being plugged in after the power supply had been plugged in. Once the power supply is plugged in, the system health LED should have returned to the blinking GREEN state. With previous revisions of the System ROM, the system health LED would not return to GREEN until after a reboot when an unplugged power supply is plugged in.

Addressed an issue where a system may become unresponsive when launching a guest operating system under a Hypervisor operating system such as Citrix or VMware when VT-d is enabled. This issue is NOT unique to HP servers.

Addressed a possible issue where the platform may become unresponsive during POST when the user selects the Simplified Chinese language in System Utilities.

Known Issues:

None
Enhancements

Added a Server Security BIOS/Platform Configuration (RBSU) option to Enable or Disable "Processor AES-NI Support". This option enables or disables the Advanced Encryption Standard Instruction Set. The option is enabled by default and was enabled automatically with previous revisions of the BIOS.

Added support for UEFI iSCSI Software Initiator boot functionality. The iSCSI Software Initiator boot support can be enabled on any network card that is in Ethernet mode. The iSCSI network settings can be configured in the new System Utilities BIOS/Platform Configuration (RBSU) iSCSI Boot Configuration menu, as well as using the HP RESTful API HpiScsiSoftwareInititiator resource type. This option is only available in UEFI Boot Mode.

Added a BIOS/Platform Configuration (RBSU) Network Option for VLAN Configuration. This option allows the user to configure Virtual LAN (VLAN) settings for all network devices present in the system. This option is only available in UEFI Boot Mode.

Added a new System Utilities Embedded Applications Active Health System Log option. This option allows users to download Active Health System (AHS) Logs.

Added support for additional Storage Options to BIOS/Platform Configuration (RBSU). These new options allow the user to configure the number of boot targets that are listed per storage controller in the UEFI Boot Order. This option can be used to limit the number of boot targets to simplify the UEFI boot order and decrease boot time. These options are only available in UEFI Boot Mode.

Added pre-boot OHCI USB support. This will allow an optional PCIe USB controller, such as available on the Teradici PCoIP Zero Client card, to be functional in a pre-boot environment. This also adds support for booting from USB devices attached to optional PCIe OHCI USB controllers. Support for OHCI USB controllers should be available from operating system drivers when not in the pre-boot environment.

Added support for a new partitions command in the Embedded UEFI Shell. This command can be used to view all available drive partitions.

Added support for a new ahsdownload command in the Embedded UEFI Shell. This command can be used to download Active Health System (AHS) files.

Added support for a new restclient command in the Embedded UEFI Shell. This command can be used to configure the server through the HP RESTful services.

Updated the HP RESTful API HP BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Updated the HPRESTful API support to report and set the default UEFI Boot Order settings using the HpServerBootOrder resource type.

Updated the language translations (non-English modes) for System Utilities.

Updated the HP RESTful API support for HpBios resource to rename "SecureBoot" property to "SecureBootStatus" to avoid conflict with the "SecureBoot" property in HpSecureBoot resource. This change will impact any scripts written with a dependency on the "SecureBoot" property in the HpBios resource.

Updated the System Utilities BIOS/Platform Configuration (RBSU) Fibre Channel/FCoE Scan Policy option to default to Scan Configured Targets only. Previous revisions of the System ROM defaulted to scanning all targets.

Enhanced the thermal solution to provide proper cooling for optional PCIe graphics and acceleration cards.

Enhanced the System Utilities System Information and the Embedded UEFI Shell sysinfo command to provide additional details for the processor, memory, PCI subsections. In addition, added a new Firmware Information menu to System Information to provide a list of current firmware revisions for supported components.

Reduced boot time when the Dynamic Smart Array B140i RAID is enabled.

Added a new Server Availability BIOS/Platform Configuration (RBSU) Automatic Power On configuration option setting. This option allows the user to configure the power on policy of the server when power is first applied. The options are Enabled to allow the server to automatically power on when first installed into the enclosure or Disabled to allow the server to remain powered off when first installed into the enclosure.


Version:1.30_03-05-2015(B) (3 Jun 2015)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

This is the initial version of the firmware.

Known Issues:

None

Legal Disclaimer: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models.