Printable version

Drivers & software

** CRITICAL ** System Firmware Upgrade for HPE ProLiant ML10 Gen9 Server (Windows)

By downloading, you agree to the terms and conditions of the Hewlett Packard Enterprise Software License Agreement.
Note:  Some software requires a valid warranty, current Hewlett Packard Enterprise support contract, or a license fee.

Type: BIOS (Entitlement Required) - System ROM
Version: 2020.01.16(30 Jan 2020)
Operating System(s): Microsoft Windows Server 2012 R2
File name: ML10_Gen9_BIOS_Windows.exe (4.4 MB)
This firmware package provides updated system firmware for HPE ProLiant ML10 Gen9 Server running Microsoft Windows Server 2012 R2.

To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

ce391db291b0caf40e12999621abc7b0b58b61c467aa4d72a2289185c341f6f7 ML10_Gen9_BIOS_Windows.exe

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

To verify the integrity of the downloaded file:

  1. Use Microsoft Windows CRC/SHA tool to calculate the SHA256 hash value for ML10_Gen9_BIOS_Windows.exe
  2. Compare the calculated value with the SHA256 value displayed in the Installation Instruction tab of the HPE Support Center download page.(example: ce391db291b0caf40e12999621abc7b0b58b61c467aa4d72a2289185c341f6f7 ML10_Gen9_BIOS_Windows.exe)
  3. If the values match, then the integrity of the downloaded file has been verified.
    • If the values do not match, then download the file a second time and compare the newly calculated hash values again.
    • If the hash values do not match:
      • Do not deploy the firmware
      • Contact HPE Technical Support

To verify the authenticity of the downloaded file:

  1. Download ML10_Gen9_BIOS_Windows.exe. to a system running a supported version of Microsoft Windows Server OS
  2.  Right-click the filename then select Properties
  3. When the Properties window displays, click the Digital Signature tab
  4. Select the first entry in the Signature List and click the Details button.
  5. The signature status will display at the top of the Details dialog.
    • If the signature message states that “This digital signature is OK.”, then the firmware package is authenticated as an HPE package
    • If the message “This digital signature is not OK.” displays, then do the following:
      • Do not deploy the firmware.
      • Download firmware a second time and verify the signature again. If the signature is not OK, then contact HPE Technical Support

To decompress file and execute the script to upgrade firmware:

  1. Execute: ML10_Gen9_BIOS_Windows.exe
  2. Double click the file "readme.txt" and follow the installation procedures for different operating systems. 
  3. Open "Winflash_with_BATCH" folder and make sure that four files and one folder are included:
  • ROM_Flash_Utility folder
  • Winflash.bat
  • release_note.txt
  • readme.txt
  • 1.13
  1. In a Windows environment, double click the "Winflash.bat" file to start the system firmware update process.
  2. The update dialog window will close automatically after the system firmware update process completes.
    Note: If update fails, repeat step 4.
  3. Restart the system.
  4. After system restarts, verify that BIOS version displayed in the setup menu is 1.13

End User License Agreements:
HPE Software License Agreement v1


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Deliverable Name:

HPE ProLiant ML10 Gen9 Server System Firmware

Release Version:

1.13 (2020.01.16)

Last Recommended or Critical Revision:

1.12 (2018.09.04)

Firmware Dependencies:

None

Known Issues:

None


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.13 (2020.01.16):

  • Addressed the security vulnerability (CVE-2019-0123/CCVE-2019-0184/CVE-2019-11139/CVE-2019-11135)
  • Addressed the security vulnerability (CVE-2019-0124)

Deliverable Name:

HPE ProLiant ML10 Gen9 Server System Firmware

Release Version:

1.13 (2020.01.16)

Last Recommended or Critical Revision:

1.12 (2018.09.04)

Firmware Dependencies:

None

Known Issues:

None

Version:2020.01.16 (30 Jan 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.13 (2020.01.16):

  • Addressed the security vulnerability (CVE-2019-0123/CCVE-2019-0184/CVE-2019-11139/CVE-2019-11135)
  • Addressed the security vulnerability (CVE-2019-0124)

Version:2018.09.04 (6 Sep 2018)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.12 (2018.09.04):

  • Addressed the security vulnerability (CVE-2017-5704, CVE-2018-3652)

Version:2018.03.05 (5 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.11 (2018.03.05):

  • Update of the latest Intel Skylake processor microcode (version C2)

Version:2017.12.18 (2 Jan 2018)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.10 (2017.12.18):

  • Upgraded TCG module Source Control Label to TCG2_10.
  • Added a new item in setup to support TPM2.0 FW update.

Version:2017.11.14 (20 Nov 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.09 (2017.11.14):

  • Fixed issue described in Intel Technical Advisory 574797: Enhancing Management Engine (ME) firmware resilience and patching identified security vulnerabilities

Version:2017.10.11 (17 Oct 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.08 (2017.10.11):

  • Addressed potential Intel Software Guard Extensions (Intel SGX) security issue by upgrading to Intel Reference Code (RC) version to 2.3.0.
  • Fixed issue described in Intel Technical Advisory 574023: Platform firmware included insecure handling of certain UEFI variables. If the contents of these variables ever became corrupted, the platform would fail to boot.

Version:2017.07.07(A) (27 Jul 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.07 (2017.07.07(A)):

  • Addressed potential Intel Software Guard Extensions (Intel SGX) security issue with the following changes:
  1. Upgrade Intel Reference Code (RC) version to 2.1.0.
  2. Upgrade Processor Microcode Update (MCU) version to 0xBA (patches Intel SGX security vulnerability)

        Note: Refere to Security Bulletin HPESB3P03767 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesb3p03767en_us for more details on Intel SGX security issue.

  • Fixed [Svr_F]SMBIOS type9 information where SMBIOS might fail to analyse certain strings. For example, the H241 slot number might display incorrectly in HPSSA GUI.

Version:2017.05.16 (23 May 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Removed a software debugging feature that may permanently disable the ME if improperly toggled.

Enhancements

The following updates are included in version 1.06:

·          Supports ME firmware version 11.6.27.3264, which is available here:  http://h20566.www2.hpe.com/hpsc/swd/public/readIndex?sp4ts.oid=1008772172&lang=en&cc=us

·          Disables BIOS menu item for enabling/disabling ME


Version:2016.10.04 (5 Oct 2016)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in version 1.04:

  • Update ME firmware version
  • Enable Headless function
  • Enable FRU function

Version:2016.08.03 (5 Aug 2016)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

This update will recover Product Serial Number & Part Number missing on BIOS Menu.

Known Issues:

None


Version:2016.01.26 (14 Mar 2016)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

This is the initial version of the firmware.

Known Issues:

None


Type: BIOS (Entitlement Required) - System ROM
Version: 2020.01.16(30 Jan 2020)
Operating System(s):
Microsoft Windows Server 2012 R2

Description

This firmware package provides updated system firmware for HPE ProLiant ML10 Gen9 Server running Microsoft Windows Server 2012 R2.

Installation Instructions

To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

ce391db291b0caf40e12999621abc7b0b58b61c467aa4d72a2289185c341f6f7 ML10_Gen9_BIOS_Windows.exe

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

To verify the integrity of the downloaded file:

  1. Use Microsoft Windows CRC/SHA tool to calculate the SHA256 hash value for ML10_Gen9_BIOS_Windows.exe
  2. Compare the calculated value with the SHA256 value displayed in the Installation Instruction tab of the HPE Support Center download page.(example: ce391db291b0caf40e12999621abc7b0b58b61c467aa4d72a2289185c341f6f7 ML10_Gen9_BIOS_Windows.exe)
  3. If the values match, then the integrity of the downloaded file has been verified.
    • If the values do not match, then download the file a second time and compare the newly calculated hash values again.
    • If the hash values do not match:
      • Do not deploy the firmware
      • Contact HPE Technical Support

To verify the authenticity of the downloaded file:

  1. Download ML10_Gen9_BIOS_Windows.exe. to a system running a supported version of Microsoft Windows Server OS
  2.  Right-click the filename then select Properties
  3. When the Properties window displays, click the Digital Signature tab
  4. Select the first entry in the Signature List and click the Details button.
  5. The signature status will display at the top of the Details dialog.
    • If the signature message states that “This digital signature is OK.”, then the firmware package is authenticated as an HPE package
    • If the message “This digital signature is not OK.” displays, then do the following:
      • Do not deploy the firmware.
      • Download firmware a second time and verify the signature again. If the signature is not OK, then contact HPE Technical Support

To decompress file and execute the script to upgrade firmware:

  1. Execute: ML10_Gen9_BIOS_Windows.exe
  2. Double click the file "readme.txt" and follow the installation procedures for different operating systems. 
  3. Open "Winflash_with_BATCH" folder and make sure that four files and one folder are included:
  • ROM_Flash_Utility folder
  • Winflash.bat
  • release_note.txt
  • readme.txt
  • 1.13
  1. In a Windows environment, double click the "Winflash.bat" file to start the system firmware update process.
  2. The update dialog window will close automatically after the system firmware update process completes.
    Note: If update fails, repeat step 4.
  3. Restart the system.
  4. After system restarts, verify that BIOS version displayed in the setup menu is 1.13

Release Notes

End User License Agreements:
HPE Software License Agreement v1


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Deliverable Name:

HPE ProLiant ML10 Gen9 Server System Firmware

Release Version:

1.13 (2020.01.16)

Last Recommended or Critical Revision:

1.12 (2018.09.04)

Firmware Dependencies:

None

Known Issues:

None


Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.13 (2020.01.16):

  • Addressed the security vulnerability (CVE-2019-0123/CCVE-2019-0184/CVE-2019-11139/CVE-2019-11135)
  • Addressed the security vulnerability (CVE-2019-0124)

Important

Deliverable Name:

HPE ProLiant ML10 Gen9 Server System Firmware

Release Version:

1.13 (2020.01.16)

Last Recommended or Critical Revision:

1.12 (2018.09.04)

Firmware Dependencies:

None

Known Issues:

None

Revision History

Version:2020.01.16 (30 Jan 2020)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.13 (2020.01.16):

  • Addressed the security vulnerability (CVE-2019-0123/CCVE-2019-0184/CVE-2019-11139/CVE-2019-11135)
  • Addressed the security vulnerability (CVE-2019-0124)

Version:2018.09.04 (6 Sep 2018)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.12 (2018.09.04):

  • Addressed the security vulnerability (CVE-2017-5704, CVE-2018-3652)

Version:2018.03.05 (5 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


The following update is included in HPE ProLiant ML10 Gen9 Server system firmware version 1.11 (2018.03.05):

  • Update of the latest Intel Skylake processor microcode (version C2)

Version:2017.12.18 (2 Jan 2018)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.10 (2017.12.18):

  • Upgraded TCG module Source Control Label to TCG2_10.
  • Added a new item in setup to support TPM2.0 FW update.

Version:2017.11.14 (20 Nov 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.09 (2017.11.14):

  • Fixed issue described in Intel Technical Advisory 574797: Enhancing Management Engine (ME) firmware resilience and patching identified security vulnerabilities

Version:2017.10.11 (17 Oct 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.08 (2017.10.11):

  • Addressed potential Intel Software Guard Extensions (Intel SGX) security issue by upgrading to Intel Reference Code (RC) version to 2.3.0.
  • Fixed issue described in Intel Technical Advisory 574023: Platform firmware included insecure handling of certain UEFI variables. If the contents of these variables ever became corrupted, the platform would fail to boot.

Version:2017.07.07(A) (27 Jul 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in HPE ProLiant ML10 Gen9 BIOS version 1.07 (2017.07.07(A)):

  • Addressed potential Intel Software Guard Extensions (Intel SGX) security issue with the following changes:
  1. Upgrade Intel Reference Code (RC) version to 2.1.0.
  2. Upgrade Processor Microcode Update (MCU) version to 0xBA (patches Intel SGX security vulnerability)

        Note: Refere to Security Bulletin HPESB3P03767 http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesb3p03767en_us for more details on Intel SGX security issue.

  • Fixed [Svr_F]SMBIOS type9 information where SMBIOS might fail to analyse certain strings. For example, the H241 slot number might display incorrectly in HPSSA GUI.

Version:2017.05.16 (23 May 2017)
Fixes

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Removed a software debugging feature that may permanently disable the ME if improperly toggled.

Enhancements

The following updates are included in version 1.06:

·          Supports ME firmware version 11.6.27.3264, which is available here:  http://h20566.www2.hpe.com/hpsc/swd/public/readIndex?sp4ts.oid=1008772172&lang=en&cc=us

·          Disables BIOS menu item for enabling/disabling ME


Version:2016.10.04 (5 Oct 2016)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


The following updates are included in version 1.04:

  • Update ME firmware version
  • Enable Headless function
  • Enable FRU function

Version:2016.08.03 (5 Aug 2016)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

This update will recover Product Serial Number & Part Number missing on BIOS Menu.

Known Issues:

None


Version:2016.01.26 (14 Mar 2016)
Enhancements

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Enhancements/New Features:

This is the initial version of the firmware.

Known Issues:

None


Legal Disclaimer: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models.