Printable version

Drivers & software

** CRITICAL ** *REMOVED* System ROM Flash Binary - HPE ProLiant m710x (H07) Server Cartridge

By downloading, you agree to the terms and conditions of the Hewlett Packard Enterprise Software License Agreement.
Note:  Some software requires a valid warranty, current Hewlett Packard Enterprise support contract, or a license fee.

Type: BIOS (Login Required) - System ROM
Version: 1.60_12-12-2017(5 Jan 2018)
Operating System(s): CentOS 6
CentOS 7
Citrix XenServer 6.x (x86-64)
Citrix XenServer 7.x (x86-64)
Microsoft Windows 10 (64-bit)
Microsoft Windows 7 (64-bit)
Microsoft Windows 8.1 (64-bit)
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
OS Independent
Red Hat Enterprise Linux 6 Server (x86)
Red Hat Enterprise Linux 6 Server (x86-64)
Red Hat Enterprise Linux 7 Server
SUSE Linux Enterprise Server 12
Ubuntu 14.04 LTS (x86-64)
VMware vSphere 6.5
REMOVED - This version of the System ROM is NO LONGER AVAILABLE for download. See Important Notes for more information. This release provides the system ROM flash binary that can be installed via the iLO Chassis Manager when updating HPE ProLiant m710x Server Cartridges in an HPE Moonshot 1500 Chassis or via the iLO user interface when updating HPE ProLiant m710x Server Cartridges in an HPE Edgeline EL4000 Converged Edge System or HPE Edgeline EL1000 Converged Edge System.

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.
 
 

Prerequisites:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.


To ensure the integrity of your download, HPE recommends verifying your results with the following SHA-256 Checksum values:

e33e7616e4e7ff7c2ad76a230af5a3bc6dc29e8f5c5b065c98b8d1cda8b040c9 ProLiant_m710x_Server_ROM_H07_1.60_12_12_2017.signed.flash
88f3287add960376b95175a926af95da5e160b3ccc37d1b1c3ec81e7bf41e3f6 H07_1.60_12_12_2017

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

For installation instructions for updating this package on HPE ProLiant m710x Server Cartridges in an HPE Moonshot 1500 Chassis, refer to the Moonshot Component Pack Update Guide available on the HPE Information Library, http://www.hpe.com/info/moonshot/docs filtered for Moonshot.

 

To update this package on HPE ProLiant m710x Server Cartridges in an HPE Edgeline EL4000 Converged Edge System or HPE Edgeline EL1000 Converged Edge System, follow these steps using the iLO Web UI:

 

1.       Copy the binary file to a USB media.

2.      Attach the media to your local work station.

3.      Using a Web Browser, proceed to the iLO Web UI using the iLO IP Address.

4.      Expand “Administration” and select “Firmware”.

6.      Select Browse at Local Binary File.

7.      Select the Firmware file to be flashed.                           

8.      Select the Flash to begin update process and wait for the firmware flash complete message to display. 


End User License Agreements:
HPE Software License Agreement v1
The MIT License Agreement
OpenSSL License Agreement, Version 0.9.8
PNG Graphics File Format Software End User License Agreement
UEFI EDK2 License
zlib End User License Agreement


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Deliverable Name:

HPE ProLiant m710x Server Cartridge System ROM - H07

Release Version:

1.60_12-12-2017

Last Recommended or Critical Revision:

1.60_12-12-2017

Previous Revision:

1.50_10-25-2017

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Enhancements/New Features:

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None

Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Deliverable Name:

HPE ProLiant m710x Server Cartridge System ROM - H07

Release Version:

1.60_12-12-2017

Last Recommended or Critical Revision:

1.60_12-12-2017

Previous Revision:

1.50_10-25-2017

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Enhancements/New Features:

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None

Version:1.82_12-06-2019 (8 Jan 2020)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode and reference code which provides mitigation for CVE-2019-11157. This security vulnerability is not unique to HPE servers. This vulnerability only impacts systems with Intel SGX (Software Guard eXtentions) enabled (SGX is disabled by default). HPE strongly recommends that customers using SGX functionality upgrade to this revision of the System ROM to obtain mitigation for this vulnerability.

Known Issues:

None

Version:1.80_11-14-2019 (25 Nov 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for CVE-2017-5715, CVE-2019-11135, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-11091, CVE-2019-0123, and CVE-2019-0117. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-0185. These issues are not unique to HPE servers.

Known Issues:

None

Version:1.78_04-09-2019 (20 May 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS). This includes support for mitigating the following vulnerabilities: CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 - Microarchitectural Load Port Data Sampling, and CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory. These issues are not unique to HPE servers.

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS). This includes support for mitigating the following vulnerabilities: CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 - Microarchitectural Load Port Data Sampling, and CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory. These issues are not unique to HPE servers.

Known Issues:

None

Version:1.76_02-26-2019 (7 Mar 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Resolved an issue where m710x blades might experience unexpected resets when the GPU or CPU is stressed.

Known Issues:

None


Version:1.74_12-19-2018 (6 Mar 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Resolved an issue where intermittent hardware errors on Toshiba XG5/5P family NVMe drives would cause the drives to no longer be recognized by the OS.

Known Issues:

None
Enhancements

Added support for Intel Movidius Myriad X VPU.

Added an option in the RBSU under Performance Options -> Advanced Performance Options where the user can adjust the maximum frequency of the Internal Graphics Engine.


Version:1.72_10-09-2018 (6 Mar 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Resolved an issue on EL1000 where disabling PCIe slots 10, 11, 12, or 13 would disable all 4 slots and the USB controller in the chassis. Due to architectural limitations these 4 slots can no longer be disabled via RBSU.

Known Issues:

None
Enhancements

Added support for HPE Edgeline NVMe HH M.2 Kit for EL1000 and EL4000 chassis.

Added an RBSU option to disable the embedded Iris Pro in the processor.


Version:1.68_05-10-2018 (11 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – SGX (CVE-2018-3615),  L1 Terminal Fault – OS/SMM (CVE-2018-3620), and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  L1 Terminal Fault – SGX, also known as Foreshadow, may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side channel analysis.  L1 Terminal Fault – VMM/SMM and L1 Terminal Fault – VMM may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – SGX (CVE-2018-3615),  L1 Terminal Fault – OS/SMM (CVE-2018-3620), and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  L1 Terminal Fault – SGX, also known as Foreshadow, may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side channel analysis.  L1 Terminal Fault – VMM/SMM and L1 Terminal Fault – VMM may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where the System ROM would occasionally report a 234-DIMM Initialization Error during boot.

Addressed an issue where the Universal Unique ID (UUID) for the HPE ProLiant m710x Server Cartridge was not unique when used in an Edgeline EL chassis. This issue does NOT impact server cartridges installed in an HPE Moonshot Chassis. Issues may occur when multiple servers are on the same network with the same UUID.

Addressed an issue where iSCSI and boot settings were previously hidden in the resource directory.

Addressed an issue with Power Regulator not allowing for OS Control when Power Regulator was disabled.

Known Issues:

None

Enhancements

Enhanced options for the Custom External Throttling Control configuration option. This feature controls whether a cartridge in a multi-node chassis will have its power and performance throttled when the chassis exceeds its power threshold.


Version:1.64_01-22-2018 (27 Feb 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM addresses issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:1.60_12-12-2017 (5 Jan 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None

Enhancements

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.
 
 


Version:1.50_10-25-2017 (9 Nov 2017)
Enhancements

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 to support Edgeline Chassis.

Enhancements/New Features:

Added support for Trusted Platform Module (TPM) 2.0 Firmware flash updates. For systems configured with the optional TPM 2.0 device, this is the minimum revision of the System ROM required to update TPM firmware.

Known Issues:

None


Version:1.22_06-13-2017 (6 Jul 2017)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

None

Firmware Dependencies:

ProLiant m710x Server Cartridge must have HPE iLO on Moonshot firmware v2.50 or later

Problems Fixed:

Addressed an issue with Intel Xeon E3-1200 v5 series processors in which a complex number of concurrent micro-architectural conditions may result in unpredictable system behavior when Intel Hyperthreading is enabled. This revision of the System ROM contains an updated version of Intel’s microcode for this processor that addresses this issue. The issue requires short loops of less than 64 instructions that use the AH, BH, CH, or DH registers as well as their corresponding wider registers (e.g. RAX, EAX, or AX for AH) when both logical processors on the same physical processor core are active. This issue is not unique to HPE ProLiant servers and could impact any system utilizing affected processors that do not include the updated microcode. Due to the potential severity of the issue addressed in this revision of the System ROM, this System ROM upgrade is considered a critical fix for systems with Intel Hyperthreading enabled (which is the default for systems using processors which support Intel Hyperthreading).

Known Issues:

None


Type: BIOS (Login Required) - System ROM
Version: 1.60_12-12-2017(5 Jan 2018)
Operating System(s):
CentOS 6
CentOS 7
Citrix XenServer 6.x (x86-64)
Citrix XenServer 7.x (x86-64)
Microsoft Windows 10 (64-bit)
Microsoft Windows 7 (64-bit)
Microsoft Windows 8.1 (64-bit)
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016
OS Independent
Red Hat Enterprise Linux 6 Server (x86)
Red Hat Enterprise Linux 6 Server (x86-64)
Red Hat Enterprise Linux 7 Server
SUSE Linux Enterprise Server 12
Ubuntu 14.04 LTS (x86-64)
VMware vSphere 6.5

Description

REMOVED - This version of the System ROM is NO LONGER AVAILABLE for download. See Important Notes for more information. This release provides the system ROM flash binary that can be installed via the iLO Chassis Manager when updating HPE ProLiant m710x Server Cartridges in an HPE Moonshot 1500 Chassis or via the iLO user interface when updating HPE ProLiant m710x Server Cartridges in an HPE Edgeline EL4000 Converged Edge System or HPE Edgeline EL1000 Converged Edge System.

Enhancements

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.
 
 

Installation Instructions

Prerequisites:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.


To ensure the integrity of your download, HPE recommends verifying your results with the following SHA-256 Checksum values:

e33e7616e4e7ff7c2ad76a230af5a3bc6dc29e8f5c5b065c98b8d1cda8b040c9 ProLiant_m710x_Server_ROM_H07_1.60_12_12_2017.signed.flash
88f3287add960376b95175a926af95da5e160b3ccc37d1b1c3ec81e7bf41e3f6 H07_1.60_12_12_2017

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

For installation instructions for updating this package on HPE ProLiant m710x Server Cartridges in an HPE Moonshot 1500 Chassis, refer to the Moonshot Component Pack Update Guide available on the HPE Information Library, http://www.hpe.com/info/moonshot/docs filtered for Moonshot.

 

To update this package on HPE ProLiant m710x Server Cartridges in an HPE Edgeline EL4000 Converged Edge System or HPE Edgeline EL1000 Converged Edge System, follow these steps using the iLO Web UI:

 

1.       Copy the binary file to a USB media.

2.      Attach the media to your local work station.

3.      Using a Web Browser, proceed to the iLO Web UI using the iLO IP Address.

4.      Expand “Administration” and select “Firmware”.

6.      Select Browse at Local Binary File.

7.      Select the Firmware file to be flashed.                           

8.      Select the Flash to begin update process and wait for the firmware flash complete message to display. 


Release Notes

End User License Agreements:
HPE Software License Agreement v1
The MIT License Agreement
OpenSSL License Agreement, Version 0.9.8
PNG Graphics File Format Software End User License Agreement
UEFI EDK2 License
zlib End User License Agreement


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Deliverable Name:

HPE ProLiant m710x Server Cartridge System ROM - H07

Release Version:

1.60_12-12-2017

Last Recommended or Critical Revision:

1.60_12-12-2017

Previous Revision:

1.50_10-25-2017

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Enhancements/New Features:

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None


Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None

Important

Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Deliverable Name:

HPE ProLiant m710x Server Cartridge System ROM - H07

Release Version:

1.60_12-12-2017

Last Recommended or Critical Revision:

1.60_12-12-2017

Previous Revision:

1.50_10-25-2017

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Enhancements/New Features:

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None

Revision History

Version:1.82_12-06-2019 (8 Jan 2020)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode and reference code which provides mitigation for CVE-2019-11157. This security vulnerability is not unique to HPE servers. This vulnerability only impacts systems with Intel SGX (Software Guard eXtentions) enabled (SGX is disabled by default). HPE strongly recommends that customers using SGX functionality upgrade to this revision of the System ROM to obtain mitigation for this vulnerability.

Known Issues:

None

Version:1.80_11-14-2019 (25 Nov 2019)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for CVE-2017-5715, CVE-2019-11135, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-11091, CVE-2019-0123, and CVE-2019-0117. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-0185. These issues are not unique to HPE servers.

Known Issues:

None

Version:1.78_04-09-2019 (20 May 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS). This includes support for mitigating the following vulnerabilities: CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 - Microarchitectural Load Port Data Sampling, and CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory. These issues are not unique to HPE servers.

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS). This includes support for mitigating the following vulnerabilities: CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 - Microarchitectural Load Port Data Sampling, and CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory. These issues are not unique to HPE servers.

Known Issues:

None

Version:1.76_02-26-2019 (7 Mar 2019)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Resolved an issue where m710x blades might experience unexpected resets when the GPU or CPU is stressed.

Known Issues:

None


Version:1.74_12-19-2018 (6 Mar 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Resolved an issue where intermittent hardware errors on Toshiba XG5/5P family NVMe drives would cause the drives to no longer be recognized by the OS.

Known Issues:

None
Enhancements

Added support for Intel Movidius Myriad X VPU.

Added an option in the RBSU under Performance Options -> Advanced Performance Options where the user can adjust the maximum frequency of the Internal Graphics Engine.


Version:1.72_10-09-2018 (6 Mar 2019)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Resolved an issue on EL1000 where disabling PCIe slots 10, 11, 12, or 13 would disable all 4 slots and the USB controller in the chassis. Due to architectural limitations these 4 slots can no longer be disabled via RBSU.

Known Issues:

None
Enhancements

Added support for HPE Edgeline NVMe HH M.2 Kit for EL1000 and EL4000 chassis.

Added an RBSU option to disable the embedded Iris Pro in the processor.


Version:1.68_05-10-2018 (11 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – SGX (CVE-2018-3615),  L1 Terminal Fault – OS/SMM (CVE-2018-3620), and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  L1 Terminal Fault – SGX, also known as Foreshadow, may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side channel analysis.  L1 Terminal Fault – VMM/SMM and L1 Terminal Fault – VMM may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – SGX (CVE-2018-3615),  L1 Terminal Fault – OS/SMM (CVE-2018-3620), and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  L1 Terminal Fault – SGX, also known as Foreshadow, may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side channel analysis.  L1 Terminal Fault – VMM/SMM and L1 Terminal Fault – VMM may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Addressed an issue where the System ROM would occasionally report a 234-DIMM Initialization Error during boot.

Addressed an issue where the Universal Unique ID (UUID) for the HPE ProLiant m710x Server Cartridge was not unique when used in an Edgeline EL chassis. This issue does NOT impact server cartridges installed in an HPE Moonshot Chassis. Issues may occur when multiple servers are on the same network with the same UUID.

Addressed an issue where iSCSI and boot settings were previously hidden in the resource directory.

Addressed an issue with Power Regulator not allowing for OS Control when Power Regulator was disabled.

Known Issues:

None

Enhancements

Enhanced options for the Custom External Throttling Control configuration option. This feature controls whether a cartridge in a multi-node chassis will have its power and performance throttled when the chassis exceeds its power threshold.


Version:1.64_01-22-2018 (27 Feb 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM addresses issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:1.60_12-12-2017 (5 Jan 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

“On January 11, Intel announced issues with an increased frequency of reboots when using the microcodes they released to address Variant 2 of the Spectre Vulnerability for numerous processors including Broadwell, Haswell, Skylake, Kaby Lake, Ivybridge, and Sandybridge processors. Mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown) vulnerabilities require only OS updates and are not impacted.

Due to the severity of the potential issues that may occur when using these microcodes addressing Variant 2, Intel now recommends that customers discontinue their use.  Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.  HPE is in alignment with Intel in our recommendation that customers discontinue use of System ROMs including impacted microcodes and revert to earlier System ROM versions. Earlier versions of the System ROMs display on the ‘Revision History’ tab. Clicking the ‘Obtain software’ link opens the HPE Customer Advisory on this topic where the recommended version of an earlier System ROM for each affected platform is provided along with additional information about this critical issue. “

Firmware Dependencies:

HPE iLO on Moonshot v2.50 or later to support Edgeline Chassis.

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Addressed an issue preventing Intel® SGX Software Controlled interface from being enabled.

Addressed an issue restricting valid Intel® SGX EPOCH value ranges through RESTful API.

Known Issues:

None

Enhancements

Added support for configuring Enforce Throttling in a multi-node chassis. This feature allows a user to exclude the node from being throttled down on power input loss events.
 
 


Version:1.50_10-25-2017 (9 Nov 2017)
Enhancements

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

HPE iLO on Moonshot v2.50 to support Edgeline Chassis.

Enhancements/New Features:

Added support for Trusted Platform Module (TPM) 2.0 Firmware flash updates. For systems configured with the optional TPM 2.0 device, this is the minimum revision of the System ROM required to update TPM firmware.

Known Issues:

None


Version:1.22_06-13-2017 (6 Jul 2017)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

None

Firmware Dependencies:

ProLiant m710x Server Cartridge must have HPE iLO on Moonshot firmware v2.50 or later

Problems Fixed:

Addressed an issue with Intel Xeon E3-1200 v5 series processors in which a complex number of concurrent micro-architectural conditions may result in unpredictable system behavior when Intel Hyperthreading is enabled. This revision of the System ROM contains an updated version of Intel’s microcode for this processor that addresses this issue. The issue requires short loops of less than 64 instructions that use the AH, BH, CH, or DH registers as well as their corresponding wider registers (e.g. RAX, EAX, or AX for AH) when both logical processors on the same physical processor core are active. This issue is not unique to HPE ProLiant servers and could impact any system utilizing affected processors that do not include the updated microcode. Due to the potential severity of the issue addressed in this revision of the System ROM, this System ROM upgrade is considered a critical fix for systems with Intel Hyperthreading enabled (which is the default for systems using processors which support Intel Hyperthreading).

Known Issues:

None


Legal Disclaimer: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models.