Printable version

Drivers & software

** CRITICAL ** Online ROM Flash Component for VMware ESXi - HP ProLiant DL360p Gen8/DL360p Gen8 SE (P71) Servers

By downloading, you agree to the terms and conditions of the Hewlett Packard Enterprise Software License Agreement.
Note:  Some software requires a valid warranty, current Hewlett Packard Enterprise support contract, or a license fee.

Type: BIOS (Entitlement Required) - System ROM
Version: 2018.05.21(25 Jun 2018)
Operating System(s): VMware ESXi 5.0
VMware vSphere 5.1
VMware vSphere 5.5
VMware vSphere 6.0
VMware vSphere 6.5
File name: CP036429.zip (3.2 MB)
This component provides updated system firmware that can be installed directly on supported Operating Systems. Additionally, when used in conjunction with Smart Update Manager (SUM) and Insight Control for VMware vCenter, this Component allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

7f0d89652e2c53f0a61d0ca6724e8d35dbd93dc5a018a37cb350f2b3bcdfcb79 CP036429.zip

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

IMPORTANT: This component requires that the CRU driver be loaded before the component can run.
The minimum CRU version for 5.0/5.1 is 5.0.3.9.
The minimum CRU version for 5.5 is 5.5.4.1.
The minimum CRU version for 6.0 is 6.0.8.
The minimum CRU version for 6.5 is 6.5.8.


Offline:

  • SPP Offline mode boots a special Linux OS environment, thus the Linux Components are used, not the VMware Components


Remote Online, if the component is supported by HP SUM but is not yet part of an SPP:

  • Download the Post-Production SPP from www.hpe.com/servers/SPP/download
  • Download the appropriate SPP
  • Add the component to the SPP
  • Mount the SPP on a remote server running Windows or Linux that has a network connection to the ESXi host to be updated
  • Run HP SUM
  • Add the ESXi host to be updated as a remote target/node
  • Enter IP or DNS address of the ESXi host to be updated
  • Enter the ESXi host credentials (root or administrator username and password)
  • For HP SUM 6.0 and newer, select both the Additional Package with the added component and the SPP Baseline on the node Inventory page.
  • Follow HP Smart Update Manager Steps to complete the firmware update
  • Refer to the SPP documentation for detailed instructions at:  www.hpe.com/servers/spp

To use HP Insight Control for vCenter:

 

  • Log in to the vSphere Client
  • Select a server or cluster in the inventory tree
  • Click the HP Insight Management tab
  • Follow Insight Control for vCenter steps to update firmware using a Component

To update firmware from VMware ESXi operating system on target server:

  • Enable Tech Support Mode on the ESXi host
  • Login as root. (You must be root in order to apply the update)
  • Place the Component ( CPxxxxxx.zip) in a temporary directory
  • From the same directory, unzip the Component:
    unzip CPxxxxxx.zip
  • To perform the standalone installation, execute the command:
    CPxxxxxx.vmexe
  • Follow the directions given by the Component
  • Logout
  • Disable Tech Support Mode on the ESXi host
  • Reboot your system for the firmware update to take effect

End User License Agreements:
HPE Software License Agreement v1
Hewlett-Packard End User License Agreement


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL360p Gen8/DL360p Gen8 SE System ROM - P71

Release Version:

05/21/2018

Last Recommended or Critical Revision:

05/21/2018

Previous Revision:

01/22/2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL360p Gen8/DL360p Gen8 SE System ROM - P71

Release Version:

05/21/2018

Last Recommended or Critical Revision:

05/21/2018

Previous Revision:

01/22/2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Version:2018.05.21 (25 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None


Version:2018.01.22(B) (16 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Ver. 2018.01.22 (B) contains support for VMware vSphere 6.5.  It is functionally equivalent to ver. 2018.01.22.  It is not necessary to upgrade with version 2018.01.22 (B) if a previous component revision was used to upgrade the firmware to ver. 2018.01.22.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2018.01.22 (2 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2015.07.01 (1 Oct 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a device interrupt may not be handled properly and result in a lost interrupt or an uncorrectable machine check exception. This issue is NOT unique to HP servers. HP recommends that users experiencing these issues update to this revision of the System ROM before replacing any hardware components.

Known Issues:

None

Version:2014.11.01 (30 Mar 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a rare issue where systems configured with Intel Xeon E5 2600 v2 processors and Registered DIMMs (RDIMMs) in a 2 DIMM per Channel or 3 DIMM per Channel configuration may experience a 207 - Memory Initialization error message where certain DIMMs may not be initialized properly. This issue is seen intermittently after a system reboot.

Addressed an issue where the server may become unresponsive during POST when an optional Video card is installed.

Addressed an issue where certain option cards that request very large amounts of non-prefetchable memory will not function properly. This issue only impacts a very small number of non-HP option cards.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2014.08.02 (13 Oct 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a rare issue where systems configured with Intel Xeon E5 2600 v2 processors and Registered DIMMs (RDIMMs) in a 2 DIMM per Channel or 3 DIMM per Channel configuration may experience a 207 - Memory Initialization error message where certain DIMMs may not be initialized properly. This issue is seen intermittently after a system reboot.

Addressed an issue where the server may become unresponsive during POST when an optional Video card is installed.

Addressed an issue where certain option cards that request very large amounts of non-prefetchable memory will not function properly. This issue only impacts a very small number of non-HP option cards.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2014.02.10 (B) (9 Sep 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

Version 2014.02.10 (B) contains an update to the flash driver and replaces version 2014.02.10. The actual firmware contained within version 2014.02.10 (B) did not change as compared to version 2014.02.10 and therefore it is not necessary to upgrade if version 2014.02.10 has already been installed.

Firmware Dependencies:

None.

Problems Fixed:

Addressed a processor issue which can result in a Blue Screen of Death (BSOD) in a Windows virtual machine or Linux Kernel Panic in a Linux virtual machine when running on Microsoft Hyper-V or VMware ESX 5.x on Intel Xeon E5-2600 series v2 processors. This issue is not unique to HP ProLiant servers and could impact any system using affected processors operating with the conditions listed. This revision of the System ROM contains an updated version of Intel's microcode that addresses this issue. This issue does NOT affect servers configured with the Intel Xeon E5-2600 series processors.

Addressed an issue where servers using the 11/14/2013 or 12/20/2013 revisions of the System ROM might not be able to boot certain operating system installations that install a Master Boot Record that is not marked as Active. When this issue occurs, the server might experience a Non-System Disk Error or not boot the intended media. This issue does NOT impact any System ROM revisions other than the 11/14/2013 and 12/20/2013 revisions.

Addressed an extremely rare issue that can result in a system configured with Intel Xeon E5-2600 v2 series processors becoming unresponsive early in the POST boot process after an uncorrectable memory error occurs. When this issue occurs, the server will indicate an early boot progress of 20% and a "Memory and QPI Link Initialization Start" message will be displayed on the screen output. This issue does not impact servers configured with Intel Xeon E5-2600 series processors.

Addressed an issue where the System ROM does not properly retry booting certain Network Adapters under some conditions including when the user presses F12 to attempt a PXE boot. Instead, the System ROM will only attempt to boot the Network Adapter one time and then will continue trying to boot devices in the order specified by the Standard Boot Order (IPL).

Addressed an issue where systems configured with Intel Xeon E5-2600 v2 series processors and an HP 331FLR FlexLOM or HP NC332T Network Controller might see intermittent issues with the NIC not being detected by the platform. When the issue occurs, the NIC will not PXE boot or be identified or used by the operating system.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2014.02.10 (2 May 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None.

Problems Fixed:

Addressed a processor issue which can result in a Blue Screen of Death (BSOD) in a Windows virtual machine or Linux Kernel Panic in a Linux virtual machine when running on Microsoft Hyper-V or VMware ESX 5.x on Intel Xeon E5-2600 series v2 processors. This issue is not unique to HP ProLiant servers and could impact any system using affected processors operating with the conditions listed. This revision of the System ROM contains an updated version of Intel's microcode that addresses this issue. This issue does NOT affect servers configured with the Intel Xeon E5-2600 series processors.

Addressed an issue where servers using the 11/14/2013 or 12/20/2013 revisions of the System ROM might not be able to boot certain operating system installations that install a Master Boot Record that is not marked as Active. When this issue occurs, the server might experience a Non-System Disk Error or not boot the intended media. This issue does NOT impact any System ROM revisions other than the 11/14/2013 and 12/20/2013 revisions.

Addressed an extremely rare issue that can result in a system configured with Intel Xeon E5-2600 v2 series processors becoming unresponsive early in the POST boot process after an uncorrectable memory error occurs. When this issue occurs, the server will indicate an early boot progress of 20% and a "Memory and QPI Link Initialization Start" message will be displayed on the screen output. This issue does not impact servers configured with Intel Xeon E5-2600 series processors.

Addressed an issue where the System ROM does not properly retry booting certain Network Adapters under some conditions including when the user presses F12 to attempt a PXE boot. Instead, the System ROM will only attempt to boot the Network Adapter one time and then will continue trying to boot devices in the order specified by the Standard Boot Order (IPL).

Addressed an issue where systems configured with Intel Xeon E5-2600 v2 series processors and an HP 331FLR FlexLOM or HP NC332T Network Controller might see intermittent issues with the NIC not being detected by the platform. When the issue occurs, the NIC will not PXE boot or be identified or used by the operating system.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2013.12.20 (21 Jan 2014)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where Memory Address or Command Parity errors may occur on servers configured with Intel Xeon E5-2600 series v2 processors and memory configurations where the memory speed is running at 1600 MHz or 1866 MHz.  These errors may have resulted in the server resetting without notification of the error or the system resetting and displaying a "283-Memory Address/Command Parity Error Detected Error" and logging the event to the Integrated Management Log (IML).  HP strongly recommends that all servers utilizing Intel E5-2600 v2 processors with impacted memory speeds update to this revision of the System ROM or later.  This issue does NOT affect servers configured with the Intel Xeon E5-2600 series processor.

Known Issues:

None

Version:2013.11.14 (20 Dec 2013)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may not be able to enter processor idle power states (C-states) which can increase idle power when configured with 2 Intel Xeon E5-2600 v2Series Processors. This issue may also result in a reduction of the frequency of the processor entering Turbo Mode which can reduce performance under certain workloads.

Addressed an issue where Online Spare memory Mode may not function properly when 10 or 12 core Intel Xeon E5-2600 Series v2 processors were installed in the server platform. This issue was typically exhibited as an Online Spare switchover not completing and not being logged into the Integrated Management Log (IML).

Addressed an issue where the system may experience a no boot condition on the reset due to a fatal error. This issue is typically seen as the server hanging at 20% progress in the Early Video Initialization.

Addressed an issue where certain memory configurations with non-HP SmartMemory may have been running at frequencies lower than supported by the processor. This issue only effects systems configured with Intel Xeon E5-2600 v2 Series Processors and non-HP Smart Memory.

Addressed an issue where servers configured with Intel Xeon E5-2600 v2 processors and 32 GB LRDIMMs may experience an increased rate of corrected memory errors or uncorrected memory errors. This issue impacts servers configured with 2 DIMMs per channel or 3 DIMMs per channel. Any server configured with Intel Xeon E5-2600 v2 processors using LRDIMMs should be updated to this revision of the System ROM or later. If experiencing memory errors with the indicated configuration, HP recommends updating to this revision of the System ROM or later before contacting HP service.

Addressed an issue where Memory Address or Command Parity errors are not logged to the Integrated Management Log (IML) if they occur. With previous revisions of the System ROM, these types of errors would cause the server to reset without any notification of the error. A "283-Memory Address/Command Parity Error Detected" error will now be displayed during system boot and logged to the IML.

Addressed an issue where the system may not be able to boot Citrix XenServer 6.2. This issue only impacts the 09/08/2013 and 09/18/2013 revisions of the System ROM.

Known Issues:

None
Enhancements

Added support for Intel Trusted Execution Technology (TXT) for Intel Xeon E5-2600 v2 Series processors.

Added additional options to the ROM Based Setup Utility (RBSU) Power-On Delay Option for delay times of 15, 30, 40 and 60 seconds (in addition to the previous options of No Delay and Random Delay). For these new selections to function, the system must be using Integrated Lights-Out (iLO) Firmware version 1.20 or later. If the system is configured to one of the new options without having iLO Firmware version 1.20 or later, the Power-On Delay Option will function as if the No Delay option were chosen.

Enhanced the System ROM's detection of valid boot devices such as USB Drive Keys or Hard Drives. Previously, the System ROM may have attempted to boot certain bootable media with invalid boot records resulting in a Non-System Disk error. In some cases, the System ROM will now be able to detect the invalid boot record and skip attempting to boot the device. This allows the System ROM to attempt to boot the next device in the boot order.

Added the latest product names of optional expansion cards and updated language translations (for non-English modes) in the ROM-Based Setup Utility (RBSU).


Version:2013.09.18 (24 Sep 2013)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a system configured with Intel Xeon E5-2690 v2, E5-2680 v2, E5-2670 v2, and E5-2660 v2 processors and Advanced Memory Protection configured to Online Spare Mode may experience incorrect behavior when multiple Online Spare switchovers occur on the same processor.

Addressed an issue where systems configured with 1 DIMM per channel and non-HP SmartMemory may operate at a lower frequency than intended. This issue does not impact servers configured with HP SmartMemory.

Known Issues:

None
Enhancements

Added support for LRDIMMs for systems configured with Intel Xeon E5-2600 Series v2 processors. Previous System ROM revisions that supported E5-2600 Series v2 processors displayed a "274-Unsupported DIMM Configuration Detected" message during system boot when LRDIMMs were installed with Intel Xeon E5-2600 v2 processors. Previous ROM revisions did support LRDIMMs with Intel Xeon E5-2600 processors.


Version:2013.03.01 (26 Mar 2013)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Resolved an issue where servers utilizing LRDIMMs may experience an extremely long boot process (~40 minutes).  This issue is not intermittent.  If the issue occurs, it will occur on every boot.  This issue has NO impact on platforms without LRDIMMs installed.

Known Issues:

None


Version:2012.12.14 (19 Dec 2012)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Resolved an issue that could result in a server reset or the inability to boot. Servers should be updated to this revision of the system ROM to minimize the potential for a system reset or the inability to boot.

Resolved an issue where the system may experience a performance issue, usually seen in a degradation of network throughput, after updating to the 08/20/2012 revision of the System ROM. This issue only exists with the 08/20/2012 revision of the System ROM.

Resolved an issue where no message was displayed and no Integrated Management Log (IML) entry is logged for certain memory errors that result in DIMMs not being usable. This issue would look like the operating system having access to less memory than is actually installed without any error indicated.

Removed the Advanced ROM-Based Setup Utility (RBSU) option to disable Data Direct I/O (DDIO). It is no longer recommended that users disable this option due to the negative impacts on system performance. For systems that had previously disabled Data Direct I/O, the option will remain disabled. Defaults must be restored on the system to re-enable this functionality for this situation.

Resolved a rare issue where the system may experience a temporary loss of video, such as a blank screen on the local monitor and iLO Remote Console, if a key is pressed during POST during Option ROM Execution.

Resolved an issue where the order in which processors are presented to the Operating System may change across multiple system boots.

Known Issues:

None

Enhancements

Optimized the memory settings to improve the reliability of the memory system.

Added a ROM-Based Setup Utility (RBSU) option for HP Option ROM Prompting. This option is enabled by default. Disabling this option prevents HP Smart Array controllers and iLO from prompting to enter their setup tools during system boot. This allows for faster boot times. This option requires updated revisions of Smart Array Controller firmware and iLO Firmware to function. If this option is disabled, the HP Smart Array and iLO will continue to prompt to enter their setup tools if an updated revision of these firmware deliverables are not installed.

Added the latest product names of optional expansion cards and updated language translations (for non-English modes) in the ROM-Based Setup Utility (RBSU).


Type: BIOS (Entitlement Required) - System ROM
Version: 2018.05.21(25 Jun 2018)
Operating System(s):
VMware ESXi 5.0
VMware vSphere 5.1
VMware vSphere 5.5
VMware vSphere 6.0
VMware vSphere 6.5

Description

This component provides updated system firmware that can be installed directly on supported Operating Systems. Additionally, when used in conjunction with Smart Update Manager (SUM) and Insight Control for VMware vCenter, this Component allows the user to update firmware on remote servers from a central location. This remote deployment capability eliminates the need for the user to be physically present at the server in order to perform a firmware update.

Installation Instructions

To ensure the integrity of your download, HPE recommends verifying your results with this SHA-256 Checksum value:

7f0d89652e2c53f0a61d0ca6724e8d35dbd93dc5a018a37cb350f2b3bcdfcb79 CP036429.zip

Reboot Requirement:
Reboot is required after installation for updates to take effect and hardware stability to be maintained.


Installation:

IMPORTANT: This component requires that the CRU driver be loaded before the component can run.
The minimum CRU version for 5.0/5.1 is 5.0.3.9.
The minimum CRU version for 5.5 is 5.5.4.1.
The minimum CRU version for 6.0 is 6.0.8.
The minimum CRU version for 6.5 is 6.5.8.


Offline:

  • SPP Offline mode boots a special Linux OS environment, thus the Linux Components are used, not the VMware Components


Remote Online, if the component is supported by HP SUM but is not yet part of an SPP:

  • Download the Post-Production SPP from www.hpe.com/servers/SPP/download
  • Download the appropriate SPP
  • Add the component to the SPP
  • Mount the SPP on a remote server running Windows or Linux that has a network connection to the ESXi host to be updated
  • Run HP SUM
  • Add the ESXi host to be updated as a remote target/node
  • Enter IP or DNS address of the ESXi host to be updated
  • Enter the ESXi host credentials (root or administrator username and password)
  • For HP SUM 6.0 and newer, select both the Additional Package with the added component and the SPP Baseline on the node Inventory page.
  • Follow HP Smart Update Manager Steps to complete the firmware update
  • Refer to the SPP documentation for detailed instructions at:  www.hpe.com/servers/spp

To use HP Insight Control for vCenter:

 

  • Log in to the vSphere Client
  • Select a server or cluster in the inventory tree
  • Click the HP Insight Management tab
  • Follow Insight Control for vCenter steps to update firmware using a Component

To update firmware from VMware ESXi operating system on target server:

  • Enable Tech Support Mode on the ESXi host
  • Login as root. (You must be root in order to apply the update)
  • Place the Component ( CPxxxxxx.zip) in a temporary directory
  • From the same directory, unzip the Component:
    unzip CPxxxxxx.zip
  • To perform the standalone installation, execute the command:
    CPxxxxxx.vmexe
  • Follow the directions given by the Component
  • Logout
  • Disable Tech Support Mode on the ESXi host
  • Reboot your system for the firmware update to take effect

Release Notes

End User License Agreements:
HPE Software License Agreement v1
Hewlett-Packard End User License Agreement


Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important:

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL360p Gen8/DL360p Gen8 SE System ROM - P71

Release Version:

05/21/2018

Last Recommended or Critical Revision:

05/21/2018

Previous Revision:

01/22/2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None


Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Important

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Deliverable Name:

HP ProLiant DL360p Gen8/DL360p Gen8 SE System ROM - P71

Release Version:

05/21/2018

Last Recommended or Critical Revision:

05/21/2018

Previous Revision:

01/22/2018

Firmware Dependencies:

None

Enhancements/New Features:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None

Revision History

Version:2018.05.21 (25 Jun 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX.

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Known Issues:

None


Version:2018.01.22(B) (16 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Ver. 2018.01.22 (B) contains support for VMware vSphere 6.5.  It is functionally equivalent to ver. 2018.01.22.  It is not necessary to upgrade with version 2018.01.22 (B) if a previous component revision was used to upgrade the firmware to ver. 2018.01.22.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2018.01.22 (2 Mar 2018)
Fixes

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.


Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for Variant 2 of the Side Channel Analysis vulnerability, also known as Spectre. The revision of the microcode included in this System ROM does NOT have issues with more frequent reboots and unpredictable system behavior which impacted the previous Intel microcode which was part of the Spectre Variant 2 mitigation. Additional information is available from Intel’s Security Exploit Newsroom, https://newsroom.intel.com/press-kits/security-exploits-intel-products/.

Firmware Dependencies:

None

Problems Fixed:

Updated the Intel processor microcode to the latest version.

Known Issues:

None


Version:2015.07.01 (1 Oct 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a device interrupt may not be handled properly and result in a lost interrupt or an uncorrectable machine check exception. This issue is NOT unique to HP servers. HP recommends that users experiencing these issues update to this revision of the System ROM before replacing any hardware components.

Known Issues:

None

Version:2014.11.01 (30 Mar 2015)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a rare issue where systems configured with Intel Xeon E5 2600 v2 processors and Registered DIMMs (RDIMMs) in a 2 DIMM per Channel or 3 DIMM per Channel configuration may experience a 207 - Memory Initialization error message where certain DIMMs may not be initialized properly. This issue is seen intermittently after a system reboot.

Addressed an issue where the server may become unresponsive during POST when an optional Video card is installed.

Addressed an issue where certain option cards that request very large amounts of non-prefetchable memory will not function properly. This issue only impacts a very small number of non-HP option cards.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2014.08.02 (13 Oct 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed a rare issue where systems configured with Intel Xeon E5 2600 v2 processors and Registered DIMMs (RDIMMs) in a 2 DIMM per Channel or 3 DIMM per Channel configuration may experience a 207 - Memory Initialization error message where certain DIMMs may not be initialized properly. This issue is seen intermittently after a system reboot.

Addressed an issue where the server may become unresponsive during POST when an optional Video card is installed.

Addressed an issue where certain option cards that request very large amounts of non-prefetchable memory will not function properly. This issue only impacts a very small number of non-HP option cards.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2014.02.10 (B) (9 Sep 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

Version 2014.02.10 (B) contains an update to the flash driver and replaces version 2014.02.10. The actual firmware contained within version 2014.02.10 (B) did not change as compared to version 2014.02.10 and therefore it is not necessary to upgrade if version 2014.02.10 has already been installed.

Firmware Dependencies:

None.

Problems Fixed:

Addressed a processor issue which can result in a Blue Screen of Death (BSOD) in a Windows virtual machine or Linux Kernel Panic in a Linux virtual machine when running on Microsoft Hyper-V or VMware ESX 5.x on Intel Xeon E5-2600 series v2 processors. This issue is not unique to HP ProLiant servers and could impact any system using affected processors operating with the conditions listed. This revision of the System ROM contains an updated version of Intel's microcode that addresses this issue. This issue does NOT affect servers configured with the Intel Xeon E5-2600 series processors.

Addressed an issue where servers using the 11/14/2013 or 12/20/2013 revisions of the System ROM might not be able to boot certain operating system installations that install a Master Boot Record that is not marked as Active. When this issue occurs, the server might experience a Non-System Disk Error or not boot the intended media. This issue does NOT impact any System ROM revisions other than the 11/14/2013 and 12/20/2013 revisions.

Addressed an extremely rare issue that can result in a system configured with Intel Xeon E5-2600 v2 series processors becoming unresponsive early in the POST boot process after an uncorrectable memory error occurs. When this issue occurs, the server will indicate an early boot progress of 20% and a "Memory and QPI Link Initialization Start" message will be displayed on the screen output. This issue does not impact servers configured with Intel Xeon E5-2600 series processors.

Addressed an issue where the System ROM does not properly retry booting certain Network Adapters under some conditions including when the user presses F12 to attempt a PXE boot. Instead, the System ROM will only attempt to boot the Network Adapter one time and then will continue trying to boot devices in the order specified by the Standard Boot Order (IPL).

Addressed an issue where systems configured with Intel Xeon E5-2600 v2 series processors and an HP 331FLR FlexLOM or HP NC332T Network Controller might see intermittent issues with the NIC not being detected by the platform. When the issue occurs, the NIC will not PXE boot or be identified or used by the operating system.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2014.02.10 (2 May 2014)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None.

Problems Fixed:

Addressed a processor issue which can result in a Blue Screen of Death (BSOD) in a Windows virtual machine or Linux Kernel Panic in a Linux virtual machine when running on Microsoft Hyper-V or VMware ESX 5.x on Intel Xeon E5-2600 series v2 processors. This issue is not unique to HP ProLiant servers and could impact any system using affected processors operating with the conditions listed. This revision of the System ROM contains an updated version of Intel's microcode that addresses this issue. This issue does NOT affect servers configured with the Intel Xeon E5-2600 series processors.

Addressed an issue where servers using the 11/14/2013 or 12/20/2013 revisions of the System ROM might not be able to boot certain operating system installations that install a Master Boot Record that is not marked as Active. When this issue occurs, the server might experience a Non-System Disk Error or not boot the intended media. This issue does NOT impact any System ROM revisions other than the 11/14/2013 and 12/20/2013 revisions.

Addressed an extremely rare issue that can result in a system configured with Intel Xeon E5-2600 v2 series processors becoming unresponsive early in the POST boot process after an uncorrectable memory error occurs. When this issue occurs, the server will indicate an early boot progress of 20% and a "Memory and QPI Link Initialization Start" message will be displayed on the screen output. This issue does not impact servers configured with Intel Xeon E5-2600 series processors.

Addressed an issue where the System ROM does not properly retry booting certain Network Adapters under some conditions including when the user presses F12 to attempt a PXE boot. Instead, the System ROM will only attempt to boot the Network Adapter one time and then will continue trying to boot devices in the order specified by the Standard Boot Order (IPL).

Addressed an issue where systems configured with Intel Xeon E5-2600 v2 series processors and an HP 331FLR FlexLOM or HP NC332T Network Controller might see intermittent issues with the NIC not being detected by the platform. When the issue occurs, the NIC will not PXE boot or be identified or used by the operating system.

Known Issues:

None
Enhancements

Added support for the latest names for PCIe expansion devices to the ROM-Based Setup Utility (RBSU).


Version:2013.12.20 (21 Jan 2014)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where Memory Address or Command Parity errors may occur on servers configured with Intel Xeon E5-2600 series v2 processors and memory configurations where the memory speed is running at 1600 MHz or 1866 MHz.  These errors may have resulted in the server resetting without notification of the error or the system resetting and displaying a "283-Memory Address/Command Parity Error Detected Error" and logging the event to the Integrated Management Log (IML).  HP strongly recommends that all servers utilizing Intel E5-2600 v2 processors with impacted memory speeds update to this revision of the System ROM or later.  This issue does NOT affect servers configured with the Intel Xeon E5-2600 series processor.

Known Issues:

None

Version:2013.11.14 (20 Dec 2013)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the server may not be able to enter processor idle power states (C-states) which can increase idle power when configured with 2 Intel Xeon E5-2600 v2Series Processors. This issue may also result in a reduction of the frequency of the processor entering Turbo Mode which can reduce performance under certain workloads.

Addressed an issue where Online Spare memory Mode may not function properly when 10 or 12 core Intel Xeon E5-2600 Series v2 processors were installed in the server platform. This issue was typically exhibited as an Online Spare switchover not completing and not being logged into the Integrated Management Log (IML).

Addressed an issue where the system may experience a no boot condition on the reset due to a fatal error. This issue is typically seen as the server hanging at 20% progress in the Early Video Initialization.

Addressed an issue where certain memory configurations with non-HP SmartMemory may have been running at frequencies lower than supported by the processor. This issue only effects systems configured with Intel Xeon E5-2600 v2 Series Processors and non-HP Smart Memory.

Addressed an issue where servers configured with Intel Xeon E5-2600 v2 processors and 32 GB LRDIMMs may experience an increased rate of corrected memory errors or uncorrected memory errors. This issue impacts servers configured with 2 DIMMs per channel or 3 DIMMs per channel. Any server configured with Intel Xeon E5-2600 v2 processors using LRDIMMs should be updated to this revision of the System ROM or later. If experiencing memory errors with the indicated configuration, HP recommends updating to this revision of the System ROM or later before contacting HP service.

Addressed an issue where Memory Address or Command Parity errors are not logged to the Integrated Management Log (IML) if they occur. With previous revisions of the System ROM, these types of errors would cause the server to reset without any notification of the error. A "283-Memory Address/Command Parity Error Detected" error will now be displayed during system boot and logged to the IML.

Addressed an issue where the system may not be able to boot Citrix XenServer 6.2. This issue only impacts the 09/08/2013 and 09/18/2013 revisions of the System ROM.

Known Issues:

None
Enhancements

Added support for Intel Trusted Execution Technology (TXT) for Intel Xeon E5-2600 v2 Series processors.

Added additional options to the ROM Based Setup Utility (RBSU) Power-On Delay Option for delay times of 15, 30, 40 and 60 seconds (in addition to the previous options of No Delay and Random Delay). For these new selections to function, the system must be using Integrated Lights-Out (iLO) Firmware version 1.20 or later. If the system is configured to one of the new options without having iLO Firmware version 1.20 or later, the Power-On Delay Option will function as if the No Delay option were chosen.

Enhanced the System ROM's detection of valid boot devices such as USB Drive Keys or Hard Drives. Previously, the System ROM may have attempted to boot certain bootable media with invalid boot records resulting in a Non-System Disk error. In some cases, the System ROM will now be able to detect the invalid boot record and skip attempting to boot the device. This allows the System ROM to attempt to boot the next device in the boot order.

Added the latest product names of optional expansion cards and updated language translations (for non-English modes) in the ROM-Based Setup Utility (RBSU).


Version:2013.09.18 (24 Sep 2013)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where a system configured with Intel Xeon E5-2690 v2, E5-2680 v2, E5-2670 v2, and E5-2660 v2 processors and Advanced Memory Protection configured to Online Spare Mode may experience incorrect behavior when multiple Online Spare switchovers occur on the same processor.

Addressed an issue where systems configured with 1 DIMM per channel and non-HP SmartMemory may operate at a lower frequency than intended. This issue does not impact servers configured with HP SmartMemory.

Known Issues:

None
Enhancements

Added support for LRDIMMs for systems configured with Intel Xeon E5-2600 Series v2 processors. Previous System ROM revisions that supported E5-2600 Series v2 processors displayed a "274-Unsupported DIMM Configuration Detected" message during system boot when LRDIMMs were installed with Intel Xeon E5-2600 v2 processors. Previous ROM revisions did support LRDIMMs with Intel Xeon E5-2600 processors.


Version:2013.03.01 (26 Mar 2013)
Fixes

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Resolved an issue where servers utilizing LRDIMMs may experience an extremely long boot process (~40 minutes).  This issue is not intermittent.  If the issue occurs, it will occur on every boot.  This issue has NO impact on platforms without LRDIMMs installed.

Known Issues:

None


Version:2012.12.14 (19 Dec 2012)
Fixes

Upgrade Requirement:
Recommended - HP recommends users update to this version at their earliest convenience.


Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Resolved an issue that could result in a server reset or the inability to boot. Servers should be updated to this revision of the system ROM to minimize the potential for a system reset or the inability to boot.

Resolved an issue where the system may experience a performance issue, usually seen in a degradation of network throughput, after updating to the 08/20/2012 revision of the System ROM. This issue only exists with the 08/20/2012 revision of the System ROM.

Resolved an issue where no message was displayed and no Integrated Management Log (IML) entry is logged for certain memory errors that result in DIMMs not being usable. This issue would look like the operating system having access to less memory than is actually installed without any error indicated.

Removed the Advanced ROM-Based Setup Utility (RBSU) option to disable Data Direct I/O (DDIO). It is no longer recommended that users disable this option due to the negative impacts on system performance. For systems that had previously disabled Data Direct I/O, the option will remain disabled. Defaults must be restored on the system to re-enable this functionality for this situation.

Resolved a rare issue where the system may experience a temporary loss of video, such as a blank screen on the local monitor and iLO Remote Console, if a key is pressed during POST during Option ROM Execution.

Resolved an issue where the order in which processors are presented to the Operating System may change across multiple system boots.

Known Issues:

None

Enhancements

Optimized the memory settings to improve the reliability of the memory system.

Added a ROM-Based Setup Utility (RBSU) option for HP Option ROM Prompting. This option is enabled by default. Disabling this option prevents HP Smart Array controllers and iLO from prompting to enter their setup tools during system boot. This allows for faster boot times. This option requires updated revisions of Smart Array Controller firmware and iLO Firmware to function. If this option is disabled, the HP Smart Array and iLO will continue to prompt to enter their setup tools if an updated revision of these firmware deliverables are not installed.

Added the latest product names of optional expansion cards and updated language translations (for non-English modes) in the ROM-Based Setup Utility (RBSU).


Legal Disclaimer: Products sold prior to the November 1, 2015 separation of Hewlett-Packard Company into Hewlett Packard Enterprise Company and HP Inc. may have older product names and model numbers that differ from current models.