Xl230k gen10 drivers and firmware download

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.

Important Notes:

This version of the System ROM contains updates aligned with the Intel Product Update (IPU) version IPU.2020.2 guidance.

Firmware Dependencies:

None

Problems Fixed:

This version of the system ROM includes updates to the Intel Memory Reference Code which may help improve memory stability for systems configured with two DIMMs per channel. Please consult Intel sighting documentation for more details on the improvements included in the Intel IPU.2.2020 release. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigations for security vulnerabilities documented as CVE-2020-8696. These security vulnerabilities are documented in Intel Security Advisory INTEL-SA-0381. The Intel microcode patches included in this release are version 0x02006A08 (CPUID 50654), 0x04003003 (CPUID 50656) and 0x05003003 (CPUID 50567). These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code which provides mitigations for BIOS advisories and security vulnerabilities documented as CVE-2020-0587, CVE-2020-0588, CVE-2020-0590, CVE-2020-0591, CVE-2020-0592 and CVE-2020-0593. These security vulnerabilities are documented in Intel Security Advisory INTEL-SA-00358. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code which provides mitigations for BIOS platform code advisories and security vulnerabilities documented as CVE-2020-8738, CVE-2020-8739, CVE-2020-8740, and CVE-2020-8764. These security vulnerabilities are documented in Intel Security Advisory INTEL-SA-00390. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code which addressed an issue where the system may get stuck in a reboot loop during memory training. This issue was introduced with the v2.30 System ROM. This issue was not unique to HPE servers.

Addressed an issue where the memory locality of the ACPI SLIT table was not being created properly. In rare cases, the incorrect ACPI SLIT values could cause unexpected impacts to system performance. This issue was introduced in the v2.10 version of the System ROM and was not seen with previous versions of the System ROM.

Addressed an issue where NVMe Hot-plug and Hot-add would not function properly with VMware. This issue did not impact NVMe Hot-plug or Hot-add with other operating systems.

Addressed an issue where the system would not properly call out a memory replacement event in the Integrated Management Log (IML) if an uncorrected memory failure occurred during an Advanced Double DRAM Device Correction (ADDDC) sparing operation. This fix only impacts the incorrect logging of these events and does not impact the normal operation of the system in terms of causing uncorrected memory failures or causing any change to the operation of A3DC functionality. This issue only impacts systems configured for fast Fault Tolerant Memory Mode (ADDDC).

Addressed an issue where the BIOS/Platform Configuration (RBSU) option for the Extended Memory Test could be automatically disabled after a system reboot. This issue was introduced with the v2.30 System ROM and was not seen with earlier version of the System ROM.

Known Issues:

None

Added a new BIOS/Platform Configuration (RBSU) option to Memory Options called Refresh Watermarks. When selecting the Low Watermark setting, the memory controller will help reduce susceptibility to a DDR4 RowHammer attack. It is expected that a memory performance impact will be seen when enabling the Low Watermark setting. The default operation of the system has not changed and customers wanting to provide additional RowHammer protection should enable this setting.

Added support to BIOS/Platform Configuration (RBSU) to allow importing and exporting Secure Boot signature lists as a signed binary file. This is useful to import the Microsoft revocation list binary file into the Secure Boot DBX as found on the UEFI forum at https://uefi.org/revocationlistfile.

Updated the System ROM to allow for an increased amount of 64-bit Memory Mapped I/O available for third party options cards.

Updated the System ROM support for One Button Secure Erase functionality with the latest HPE option devices.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.

Important Notes:

Firmware Dependencies:

Problems Fixed:

Addressed an issue where a dual port networking device may show up in the System Configuration Utilities with two Port 1 names instead of properly being represented as Port 1 and Port 2. This did not impact any functionality to the device.

Known Issues:

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.

Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the serial port would not function properly when the iLO CLI serial interface was also enabled on the platform. This could lead to the serial BAUD rate not being configured properly and the serial output from the host would be corrupted or no output would be seen.

Addressed an issue where UEFI Serial Debug output could inadvertently be seen over BIOS Serial Console. This issue would be seen periodically on server reboots. This issue was introduced with System ROM v2.30 and did not impact servers using previous versions of the System ROM.

Addressed an extremely rare issue where the system could become unresponsive in POST when configured in Legacy Boot Mode when a USB Mouse is attached. This issue does not impact systems configured in UEFI Boot Mode.

Addressed an issue where boot devices could disappear from the Boot Options menu in the BIOS/Platform Configuration (RBSU) when pressing the F10 or F12 key to save boot order changes.

Addressed an issue where the system may experience a Bank 0x9/0xA/0xB Uncorrectable Machine Check Exception with a Status Code of 0xBE200000'000C110A and an Address field value of 0x00000000'00000280.

Known Issues:

None

Updated to the latest thermal support for the platform.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.

Important Notes:

This version of the System ROM contains the latest support for the HPE Smart Array s100i UEFI Driver. This system ROM is critical for customers who have enabled the HPE Smart Array s100i support. Please see advisory:  https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00097734en_us

Ver. 2.32_03-09-2020(B)  contains updates to the firmware packaging and is functionally equivalent to ver. 2.32_03-09-2020.  It is not necessary to upgrade with Revision B if a previous component revision was used to upgrade the firmware to version 2.32_03-09-2020.

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HPE Smart Array s100i Software RAID may experience potential data inconsistency during initial configuration or operation of a RAID volume configured in RAID 0/1/5/10 Fault Tolerant Modes. This issue does not impact systems configured in other RAID configurations such as single RAID 0 or 1. This issue does not impact systems that have not enabled Smart Array s100i support.

Known Issues:

None

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.

Important Notes:

This version of the System ROM contains the latest support for the HPE Smart Array s100i UEFI Driver. This system ROM is critical for customers who have enabled the HPE Smart Array s100i support. Please see advisory:  https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00097734en_us

Firmware Dependencies:

None

Problems Fixed:

Addressed an issue where the HPE Smart Array s100i Software RAID may experience potential data inconsistency during initial configuration or operation of a RAID volume configured in RAID 0/1/5/10 Fault Tolerant Modes. This issue does not impact systems configured in other RAID configurations such as single RAID 0 or 1. This issue does not impact systems that have not enabled Smart Array s100i support.

Known Issues:

None

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.

Important Notes:

None

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of Intel microcode which addresses a Machine Check Exception failure when Fast Fault Tolerant Memory Mode (ADDDC) is enabled. In most cases, this issue results in the log of an Integrated Management Log (IML) Bank 7 or Bank 8 Machine Check Exception with a status of 0xB2000000:00200400 but can also result in a system reset with an Unexpected Shutdown logged. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigations for security vulnerabilities documented as CVE-2020-0548 and CVE-2020-0549, also known as CacheOut. These security vulnerabilities are documented in Intel Security Advisory INTEL-SA-00329. These issues are not unique to HPE servers.

Addressed an issue where the server may become unresponsive during POST with a Red Screen Exception (RSOD) when the server was reset (restarted) at the same time that an iLO firmware reset was initiated. Note that updating iLO firmware results in the reset of iLO firmware.

Addressed an issue where the System Utilities System Information data could not be successfully exported to an FTP (network) location. Previously the System Utilities would report the file was saved successfully but no actual information was saved on the network share.

Known Issues:

None

Added a new BIOS/Platform Configuration (RBSU) option to the Intel Persistent DC Performance Settings called Balanced Performance Mode. This option may improve performance of systems configured with Intel DC Persistent Memory with certain workloads.

Updated to the latest thermal support for the platform.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.

Important Notes:

This version of the System ROM replaces the previously published v2.20 System ROM. The v2.20 System ROM introduced an issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in the v2.14 ROM of the System ROM.  Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest support for Intel Trusted eXecution Technology (TXT) which provides mitigation for CVE-2019-151. This mitigation is only needed for systems that have TXT enabled. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for the multiple security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-11137, CVE-2019-152, and CVE-2019-11136. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an CVE-2017-5715, CVE-2019-11135 and CVE-2019-11139. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

Addressed an issue where the system may become unresponsive during POST when both iLO and the server are reset simultaneously.

Addressed an issue where the server may experience a Red Screen (RSOD) during boot when a Matrox GPU is present and the server is booting in Legacy Boot Mode. This problem could occur with other optional PCIe graphics adapters. This issue is not intermittent and will occur on every boot with impacted optional PCIe graphics adapters with previous System ROM revisions. This issue is not seen with servers configured in UEFI Boot Mode or when using the embedded graphics controller.

Addressed an issue where the system may incorrectly report that a DIMM has been mapped out after a memory training failure in the Integrated Management Log (IML) when the DIMM is still present in the system memory map. The IML will now correctly indicate the memory training failure, but will not indicate that the DIMM has been mapped out. This change only impacts the IML logging of the error and does not impact the operation of the system.

Known Issues:

None

Updated to the latest thermal support for the platform.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.

Important Notes:

REMOVED – Version 2.20 of HPE Gen10 system ROM is NO LONGER AVAILABLE for download. Please use the replacement version 2.22 or later. Version 2.20 has been removed from the web for the issue where a small subset LRDIMMs could experience an uncorrectable memory error. This issue had been previously fixed in version 2.14 of System ROM. Please consult the following advisory for additional details. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092445en_us

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest support for Intel Trusted eXecution Technology (TXT) which provides mitigation for CVE-2019-151. This mitigation is only needed for systems that have TXT enabled. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel Reference Code support that provides mitigations for the multiple security vulnerabilities. The following vulnerabilities have been addressed in this System ROM release: CVE-2019-11137, CVE-2019-152, and CVE-2019-11136. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an CVE-2017-5715, CVE-2019-11135 and CVE-2019-11139. These issues are not unique to HPE servers.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex micro-architectural conditions, executing X87 or AVX or integer divide instructions may results in unpredictable system behavior. This issue is not unique to HPE servers.

Addressed an issue where the system may become unresponsive during POST when both iLO and the server are reset simultaneously.

Addressed an issue where the server may experience a Red Screen (RSOD) during boot when a Matrox GPU is present and the server is booting in Legacy Boot Mode. This problem could occur with other optional PCIe graphics adapters. This issue is not intermittent and will occur on every boot with impacted optional PCIe graphics adapters with previous System ROM revisions. This issue is not seen with servers configured in UEFI Boot Mode or when using the embedded graphics controller.

Addressed an issue where the system may incorrectly report that a DIMM has been mapped out after a memory training failure in the Integrated Management Log (IML) when the DIMM is still present in the system memory map. The IML will now correctly indicate the memory training failure, but will not indicate that the DIMM has been mapped out. This change only impacts the IML logging of the error and does not impact the operation of the system.

Known Issues:

None

Updated to the latest thermal support for the platform.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.

Important Notes:

Firmware Dependencies:

Problems Fixed:

This version of the System ROM includes the latest version of the Intel microcode which addresses an issue where under complex microarchitectural conditions involving branch instructions that span multiple 64 byte boundaries, unpredictable system behavior may occur. This issue is not unique to HPE servers.

Known Issues:

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.

Important Notes:

Firmware Dependencies:

Problems Fixed:

Known Issues:

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.

Important Notes:

Firmware Dependencies:

Problems Fixed:

Addressed an issue where configuring memory to run at 2x refresh rate would still actually operate memory at 1x refresh rate. This issue was introduced with the v2.00 System ROM and did not impact earlier versions of the System ROM. This issue is not unique to HPE servers.

Addressed an issue where the NVMe PCIe Resource Padding option in BIOS/Platform Configuration (RBSU) would not properly allocated sufficient resources to support a NVMe hot add event. In certain configurations, an insufficient amount of resources would have been reserved and a reboot would have been required to detect the presence of the newly added drive.

Addressed an issue where the system would not boot to a USB drive when a non-bootable (non-formatted) drive was also present in the system. This issue only impacts systems configured in Legacy Boot Mode.

Known Issues:

Added a new BIOS/Platform Configuration (RBSU) option called Intel Priority Based Frequency to support enabling Intel Speed Select - Base Frequency support on select 2nd Generation Xeon Scalable Family Processors that are optimized for NFV workloads. This option, which is disabled by default, is located in the Processor Options menu and visible only when NFV optimized SKUs are installed (denoted by the N in the SKU model). On supported Operating Systems, Intel Speed Select - Based Frequency functionality allows high priority cores to operate at a higher frequency than the nominal base frequency while lower priority cores will run at a slower frequency.

Added a new BIOS/Platform Configuration (RBSU) I/O Direct Cache (IODC) menu to the Power and Performance Menu. This option allows for tuning the policy for which I/O transactions interact with the processor cache. The caching policy may have a slight impact on cross socket latency. Workloads where this option would need to be modified from its default value for optimum performance are extremely rare.

Added support for HPE Fast Fault Tolerant Memory (ADDDC) to operate when a single memory rank is only available on a given memory channel. Previous versions of the System ROM required two or more memory ranks to be available on each memory channel. After updating to this version of the System ROM the server will automatically configure the system for HPE Fast Fault Tolerant Memory Mode if the memory configuration supports this option.

Updated the UEFI OpenSSL support to version 1.0.2r to address security vulnerability CVE-2019-1559.

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.  Note that MDS is addressed in hardware for systems utilizing the Intel Second Generation Intel Xeon Scalable Processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and/or hypervisor updates, provides mitigation for a new group of side channel vulnerabilities known as Microarchitectural Data Sampling (MDS).  This includes support for mitigating the following vulnerabilities:  CVE-2018-12126 – Microarchitectural Store Buffer Data Sampling, CVE-2018-12130 – Microarchitectural Fill Buffer Data Sampling, CVE-2018-12127 – Microarchitectural Load Port Data Sampling, and CVE-2019-11091 – Microarchitectural Data Sampling Uncacheable Memory.  These issues are not unique to HPE servers.  Note that MDS is addressed in hardware for systems utilizing the Intel Second Generation Intel Xeon Scalable Processors.

This revision of the System ROM includes the latest revision of the Intel Reference code support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2019-0119 and  CVE-and CVE-2019-0126.  These security vulnerabilities are not unique to HPE servers.

Addressed an issue where the system may experience a higher rate of boot time Memory training issues with Intel Xeon Scalable Performance Bronze, Silver and Gold 5x00 processors. This issue was first introduced with System ROM version 2.00. HPE recommends that any customer experiencing a memory issue immediately update to this version of the system ROM before replacing any components. This issue is not unique to HPE servers.

Known Issues:

None

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for an Intel sighting where under complex microarchitectural conditions, software using Intel TSX (Transactional Synchronizations Extensions) may result in unpredictable system behavior. Intel has only seen this under synthetic testing conditions and is not aware of any commercially available software exhibiting this behavior. This issue is not unique to HPE servers.

This system ROM contains the latest Intel microcode that addresses an issue where the system may experience an Uncorrected Machine Check Exception in Bank 0 with Status containing 000F0150. This update may not address all Bank 0 machine check events with a Status containing 000F0150 but should be used before any other further service actions for issues resulting in this Integrated Management Log (IML) entry. This issue is not unique to HPE servers.

This revision of the System ROM includes the latest revision of the UEFI EDK2 support that provides mitigations for a variety of security vulnerabilities.  The following vulnerabilities have been addressed in this System ROM release: CVE-2018-3613 CVE-2017-5731, CVE-2017-5732, CVE-2017-5733, CVE-2017-5734, CVE-2017-5735, CVE-2018-3630, CVE-2018-12178, CVE-2018-12179, CVE-2018-12180, CVE-2018-12181, CVE-2018-12182, CVE-2018-12183, CVE-2018-12201, CVE-2018-12202, CVE-2018-12203, CVE-2018-12204 and CVE-2018-12205. For additional information please refer to the security bulletin at https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03912en_us.  These security vulnerabilities are not unique to HPE servers.

Addressed an issue in which the system may not properly boot to the HPE 8GB Dual microSD Flash USB Drive when an SD card is installed on the internal SD slot when the system is configured for Legacy Boot Mode. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where certain 3rd party USB drive keys may not function properly after a system reset when the system is configured in UEFI Boot Mode.

Addressed an issue where the HPE CN1000E-T adapter may not boot properly in Legacy Boot Mode.  This issue does not impact systems configured in UEFI Boot Mode.

Addressed an issue where firmware updates staged through the HPE RESTful API may fail to properly execute on a subsequent boot and be marked with an exception in the iLO firmware installation queue.

Addressed an issue where iLO virtual media may not boot properly after setting the Boot on Next Reset option in the iLO Remote Console and Media - Virtual Media settings.

Addressed an issue where the AHS Download application from the System Utilities Embedded Applications or UEFI Shell may fail to work properly with iLO firmware 1.30 or later.

Addressed an issue where the UEFI Shell sysconfig command may fail to set an option or become unresponsive.

Addressed an issue where an optional SATA DVD drive may not unlock and allow media to be ejected after an operating system reboot.

Addressed an issue where the system may become unresponsive during boot and experience a Red Screen (RSOD) when booting in Legacy Boot mode with a SATA M.2 drive installed. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where a USB KVM, such as the HP AF611A KVM,  may not function properly after a system reboot.

Known Issues:

This revision of the System ROM may result in a VMware PSOD (crash) when a system is configured with Intel Trusted eXecution Technology (TXT) enabled and the Trusted Platform Module (TPM) in TPM 1.2 Mode. This issue is only seen in certain memory configurations. Please consult the following HPE Customer Advisory for more details on this issue. https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00065453en_us

Added support for Intel Xeon Scalable Performance 3200, 4200, 5200, 6200 and 8200 series processors.

Added support for HPE One button secure erase. This option can be launched from the HPE Intelligent Provisioning application or through the HPE RESTful API to securely restore the system back to a default configuration.  This option also requires iLO firmware 1.40 or later, and Intelligent Provisioning 3.30 or later.

Added Secure Configuration Lock feature.  This feature can be enabled to detect system hardware, security configuration, or firmware revision changes to protect against malicious or unintended modifications to the server.  This protection can be enabled for systems in transit from the factory to the customer site, in transit from one customer site to another, or can be left enabled on a deployed server.  A new BIOS/Platform Configuration (RBSU) Server Configuration Lock menu in the Server Security Options is available to enable and configure this functionality.

Added a new BIOS/Platform Configuration (RBSU) Backup and Restore Settings menu to System Default Options. This option can be used to backup (save off) the current BIOS configurations settings to a USB storage device for migration to another server.

Added a new BIOS/Platform Configuration (RBSU) Opportunistic Self Refresh menu to Memory Options. This option can be enabled to reduce idle system power usage, but the system may incur additional memory latency.

Added a new BIOS/Platform Configuration (RBSU) Memory Controller Interleaving menu to Memory Options.  This option can be used to disable memory controller interleaving which may provide more balanced memory performance when a system is configured in an unbalanced memory configuration.

Added a new BIOS/Platform Configuration (RBSU) for dual bifurcation (quadfurcation) of PCIe Adapters to the Advanced PCIe Configuration Options. This option will allow a x16 PCIe device to be bifurcated into four x4 devices.  This option would only be used for PCIe Adapters that support this level of bifurcation.

Updated the language translations (non-English modes) for System Utilities.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Updated the system thermal logic to support the latest GPU adapters.

Upgrade Requirement:
Recommended - HPE recommends users update to this version at their earliest convenience.

Important Notes:

Firmware Dependencies:

Enhancements/New Features:

Known Issues:

Upgrade Requirement:
Optional - Users should update to this version if their system is affected by one of the documented fixes or if there is a desire to utilize any of the enhanced functionality provided by this version.

Important Notes:

Firmware Dependencies:

Problems Fixed:

Addressed an issue where firmware flashing through the RESTful API could periodically fail and the task being marked with an exception in the iLO firmware page. This issue could impact flashing firmware such as the HPE Innovation Engine, Intel SPS Firmware or the optional HPE Trusted Platform Module (TPM).

Addressed an issue where a PCIe card would not properly train to its maximum speed when the PCIe Bifurcation option was enabled. This issue does not impact PCIe cards that do not require bifurcation.

Addressed an extremely rare issue where a system configured with an optional SATA DVD drive and an HPE SmartArray controller may become unresponsive during boot, usually with a Red Screen (RSOD), when in legacy boot mode. This issue does not impact systems in UEFI Boot Mode.

Addressed an issue where an optional PCIe card's legacy option ROM may not properly display its legacy setup menu prompt during boot when in legacy boot mode. This issue does not impact systems in UEFI Boot Mode.

Known Issues:

Added support for flashing the firmware of the optional HPE Trusted Platform Module (TPM). This is the minimum revision of the System ROM that should be used if updating the firmware on the optional HPE TPM module.

Added a new PCIe Peer-to-Peer Serialization option to the Advanced Performance Options menu in the BIOS/Platform Configuration (RBSU). This option can be used to improve peer-to-peer performance between two PCIe devices installed on the same processor. This option may improve performance in certain GP-GPU configurations.

Updated the RESTful API HPE BIOS Attribute Registry resources to match the latest BIOS/Platform Configuration options.

Upgrade Requirement:
Critical - HPE requires users update to this version immediately.

Important Notes:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

Firmware Dependencies:

None

Problems Fixed:

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system and hypervisor updates, provides mitigation for the L1 Terminal Fault – OS/SMM (CVE-2018-3620) and L1 Terminal Fault – VMM (CVE-2018-3646) security vulnerabilities.  These vulnerabilities may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a side-channel analysis.  These security vulnerabilities are not unique to HPE servers and impact any servers utilizing impacted processors.  Note that this server is NOT vulnerable to L1 Terminal Fault – SGX (CVE-2018-3615), also known as Foreshadow, because this server does NOT support SGX. 

This revision of the System ROM includes the latest revision of the Intel microcode which, in combination with operating system updates, provides mitigation for the Speculative Store Bypass (also known as Variant 4) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3639. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This revision of the System ROM includes the latest revision of the Intel microcode which provides mitigation for the Rogue Register Read (also known as Variant 3a) security vulnerability. A Medium level CVE has been assigned to this issue with ID CVE-2018-3640. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis. This security vulnerability is not unique to HPE servers and impacts any systems utilizing impacted processors.

This firmware version includes additional fixes (since version 1.40) for an issue where systems may experience a 389-Unexpected Shutdown and Restart, logged in the iLO Integrated Management Log (IML). This issue is not unique to HPE servers.

Addressed an issue where systems may log an erroneous Bank 4 Machine Check to the iLO Integrated Management Log (IML) on a system reset event. In most cases, this error can safely be ignored. This issue is not unique to HPE servers.

Known Issues:

None