12th Gen Intel Core BIOS 3.06 Beta

I’m going to agree with @meehien. I want to love my Framework, and I keep debating on going ahead and pre-ordering the AMD motherboard or 13th gen one, but I keep circling on “… but the BIOS updates …” and getting worried. My new job has a Perks system that gets a sizable discount with Lenovo, and I’ve been considering switching to them or back to Dell.

While, yes, BIOS updates aren’t strictly necessary on an otherwise perfectly functioning system, the BIOS we’re waiting for the 12th gen board includes fully certified Thunderbolt support, but in my opinion the part I care about more is the patches for CVE’s. Before my Framework I had 2 XPS 13’s and an XPS 15, and getting BIOS updates at least once every couple months made me feel a lot safer knowing the security issues were getting fixed.

Recently some manufacturers have been having issues with firmware updates that are likely going to scare a lot of users, namely the recent HP “oh your printer doesn’t work now” problems. I imagine a lot of users are going to read this as “I guess I just don’t do updates anymore” but that’s the wrong take away. Instead of just not doing firmware updates for fear that they’ll break something, it’s better to focus on pressuring companies to do better about firmware updates so we don’t have such fears. In Framework’s case, I think they are appropriately cautionary, but this caution is showing that their firmware team isn’t large enough and/or stretched too thin. To some degree it’s easy enough to hand-wave that as “Well yeah, small start up, only so many resources,” but that does leave me worried about the future.

I generally apply updates, specifically security updates, as soon as feasibly possible, but I rarely go on beta tracks for firmware for the “it’ll probably break something” fear. However, having a device that is supposedly still receiving support, or being sold as new still, that has nearly 1 year old security flaws left unpatched? That’s when I start thinking of jumping ship.

Overall, I do not explicitly disagree with @Perry_Flaugh about wanting to give Framework some slack here, I also feel like it’s not enough to just say that’s the end of the conversation.

To me, I think this is a perfectly valid time to bring up the “What about Coreboot?” question again. If Framework is struggling to find the resources to maintain firmware for multiple boards, maybe it’s time to hand the reins over to the open source community. I do understand that’s an undertaking in and of itself, so maybe wrap up what is active, but if there are new hires happening for these firmware teams, maybe they need to be focused on transitioning what they can into an open source BIOS/firmware platform instead of just continuing the closed sourced firmware development. I vaguely recall some of the discussion around this specific topic in the past surrounded the difficulty is due to the current hardware limitations of switching to an open BIOS is caused by licensing agreements, which is understandable, but that doesn’t have to mean development stops in that regard.

Frankly, if there were inklings of a, “Well, sadly, you’d have to buy a new motherboard with new chipsets to get an open source BIOS, but that’s going to be available within X time,” I’d probably stick around on the Framework bandwagon thru that to try it out. As is, I’m definitely finding it hard to not switch back to a larger manufacturer, though. I really want Framework to succeed, I love the mission of sustainable, upgradable laptops, but I still want to daily drive thing without feeling like it’s a security risk.

8 Likes

I’m going to disagree. My experience of laptop manufacturers (various brands) is that they very rarely if ever produce bios updates at all, and when they do it’s to take features/functionality away.

6 Likes

@meehien While your Lenovo example is an exception. I do want to point out that companies that do supply these regular BIOS updates are hundreds of times bigger than Framework and have MASSIVE contracts to supply machines to Fortune 100 companies, the government, etc., of course the BIOSes are going to be updated every few months. Framework is a minuscule fraction in size compared to these companies. Things are going to go slower, not to mention we aren’t even more than a few years into Framework selling machines to the public. Theres going to be bugs and hold ups. You are comparing apples and oranges.

I have a z170 ASUS motherboard in my PC, ASUS’s last BIOS release for that board was 2017. The vast majority of manufacturers hardly ever upgrade their BIOS after a few years. This was moreso my original point.

@JP_Powers The 12th gen’s shipped with 3.05 which was a patched BIOS to address those CVEs. Did you not get 3.05 on your 12th gen? Personally I would love to see Coreboot as well.

Really my entire above comment was just echoing your aversion to beta software. I cant help but facepalm when someone complains that 3.06 is taking too long, then gets impatient and installs a beta BIOS on their machine and then SHOCKED PIKACHU when their laptop is now broken in some way and takes to the forum to complain about their now messed up laptop.

3 Likes

Just in case anyone missed my edit/update to my original post, I was able to get the BIOS patched successfully and the right side port issue resolved immediately thereafter. I also want to commend Framework support for a quick response to my initial report, which I submitted at the same time I made that post.

If anyone has any questions about the process I used to remediate the upgrade or any other relevant details, please feel free to DM me and I’ll be happy to help.

4 Likes

@Perry_Flaugh, just a couple of quick corrections to your post:

  1. The vulnerabilities that Framework posted in Sep 2022 are not addressed in BIOS 3.05.

Binarly, a firmware security analysis firm, discovered several issues in Insyde BIOS that impact the Framework Laptop (12th Gen Intel Core) with BIOS releases 3.05 and earlier.

The CVEs enumerated as resolved are only found in the 3.06 BIOS update.

  1. Not all 12 Gen Framework laptops shipped with 3.05. As I indicated in my initial post, mine shipped with BIOS 3.04. FWIW, 3.05 was never released to the public or in beta (though I personally would have skipped it if it had, given the absence of the security fixes).
3 Likes

Any update on this?

1 Like

Don’t mean to drag it out, but it should be noted that framework support is also telling people to upgrade to this BIOS beta in an attempt to fix issues.
Not that I’m blaming the framework team, BIOS updates shouldn’t be rushed and they simply don’t have the resources of a larger company; But when you are having a moderately severe issue(Like a permanently throttled CPU) and one of the recommended steps is to upgrade to a seemingly unfinished BIOS version with no release timeline given, I can understand why users may be frustrated.

In the end it’s a relatively small team and we did all buy the first couple generations of a device, can’t expect everything to be perfect so lets all be nice to one another :slight_smile:

3 Likes

Aside from the fact that a bit more communication from Frameworks site on this rather lengthy development process would be much welcome and necessary, it is my understanding that it is the Thunderbolt part of this update what causes the problems and delay?!
So why is this release not splitted up?
Release a simpler update immediatly or in a short time frame to close the CVEs, eleminate the energy, throttling and possible other problems fixed in 3.06 and enable large battery and perhaps other hardware support.
Than go on with testing the Thunderbolt update and release it later.
Just my two cents.

2 Likes

I’m one of the people Framework Support asked to upgrade to the beta to see if it fixed the CPU throttling issue. Luckily, I didn’t have any of the problems with the upgrade that many others did here[0], but it unfortunately did not fix the throttling problem.

[0] One small UX improvement I can suggest, though: the final screen that says the upgrade is complete says to press enter to flash again, some other specific key to do something I can’t remember, or any other key to reboot into the regular OS. Even after reading that – seemingly very carefully – my brain said “ok, press enter to reboot to my OS”… which of course, as the instructions told me in the first place, actually performed the flashing again. Since re-flashing should be an unusual occurrence, I’d suggest that it should be a very specific key, like “F”, perhaps, and not enter.

1 Like

I feel the same. Waiting for a year to patch some random CVEs is not really the best idea. Since I own my framework laptop (October 2022) my Lenovo P50 (from 2016…) had at least 2 BIOS Updates while the FW had none.
I think I do unterstand why this is the case, mainly because of the new products/variants that are beeing released and take up development time, but I do not approve.

2 Likes

meanwhile, my HP Probook (from 2012) has had a big fat ZERO bios updates since 2016, and that one was a panic release to encrypt the bios because they realised that people were flashing modified bioses to bypass their anti-consumer hardware whitelists that restricted them to utterly crap bottom of the barrel draft-n wifi cards.

1 Like

I’ve been following this thread for a long time as I’m eagerly awaiting getting Thunderbolt support. I’m sympathetic to the fact Framework is a small company that won’t always have the resources to move quickly, but I can’t help but think they have just moved past spending time on 12th gen and have everyone focused on their newer initiatives. My expectations of ever seeing this delivered are pretty low at this point.

11 Likes

Framework | Framework Laptops now have 4 Thunderbolt 4 ports So you cannot yet use thunderbolt? does the current beta 3.06 not add support already? I dont understand your statement.

1 Like

The 3.06 beta bios does introduce the Thunderbolt support, but it also has some major issues. Users in this thread have reported that it just bricks half of the ports on the laptop and there is no way to rollback the bios.

I’m not comfortable taking that gamble, so I’m waiting for the final (non-beta) version of the bios to be released that won’t have those symptoms.

2 Likes

I started to look at the earlier posts and scrolled down and noted what issues people where having and if they got fixed. well, actually, most did. and eventually i stumbled upon
12th Gen Intel Core BIOS 3.06 Beta - #109 by Kieran_Levin Kieran answering the “concerned user” and noting the current issues they are tracking. some of which I listed above and seems they tracking them. and I think we sort of saw also the fixes those people found, this is including the non working usb port.

Then I looked at the first post again, its been updated, it has suggestions for main board only users (that use DP-mode dongles for example) and most thunderbolt issues, well, the now certified ports will less likely allow DMA attacks, thus, under linux, one needs the right tools to use thunderbolt 12th Gen Intel Core BIOS 3.06 Beta - #91 by Mapleleaf what catched my eye was, often, non working ports was due to partial updated motherboards, rerunning the update would fix for most (and I spotted them replying it was fixed). or at-least you could notice in their wording, they had a partial update and what the possible fix would be.

1 concern I personaly have is the usb-a devices not working. I believe if you know about the first post having these details what to do, and how many times… updating the full board should be possible for everyone. 12th Gen Intel Core BIOS 3.06 Beta - #185 by Simon_BN one of them (2 or 3 ppl?)

The first post also mentioned why a rollback wont be advisable.

I asume this has to do due to firmware incompatibility between bios v<=3.05 to 06 and the usb/thunderbolt controllers.

Overall, I think the first post has been updated well enough and not only is this a “bios” update (UEFI firmware) but also updates part of the chipset, the thunderbolt controllers. meaning, more is involved and also charging over one of these ports prevents it from being updated is a odd one (probably framework special, as they dont have a dedicated charge port AND 2 thunderbolt connectors, so 1 can be charged and another does not) why we cant downgrade both, might be aanother firmware issue they cant controll (rollback prevention by standard?)

overall, Im very tempted to just try the new bios anyway. I do want a thunderbolt device before i do so, to test it.

Framework | Framework Laptops now have 4 Thunderbolt 4 ports again this post mentions thunderbolt support was already there, but its officially certified now (by means of the new firmware ?!) and probably better support from firmware. but it worked already.

2 Likes

That hasn’t been the case for me, Windows 11 device manager shows I don’t have Thunderbolt at all. I bought a fancy new Thunderbolt docking station, but it essentially only functions as a USB hub currently.

I am going to re-read those posts you pointed out. If people have consistently been able to solve the dead port issue, I would be tempted to try the bios also. I’m ok with things being imperfect, I just was scared by losing some major functionality on the laptop. Thanks for posting those details.

1 Like

Thunderbolt 4 is only a certification for USB4. Everything that is happening behind the scenes is USB4 or Thunderbolt 3, which was supported from the first day and should appear in your Device Manager.
And from 12th gen forward, all notebooks seem to use Windows’ integrated USB4 drivers and no longer require the additional / older Intel Thunderbolt drivers.

The TB4 certification just means that they discovered and fixed a few more bugs with USB4, and now have Intel’s approval that the USB4 implementation is bug-free enough for Intel’s tastes and can now be advertised as Thunderbolt with the logos etc.

The basic, underlying functionality has not changed and was always there.

4 Likes

That would be very sad. Not having important CVEs patched does not work for me and having to buy a new laptop every year (to have a secure one) is against frameworks claimed philosophy. My Thinkpad gets fixes every 1 to 3 months. I hope they improve this situation and maybe this is just because of the problematic retimers update.
Gen11 had 5 firmware updates in two years, which also is not much.

4 Likes

Curious to which Thinkpad this is. (beside the one metioned before)

Anyway, are you considering a framework (I see your relatively new) ? if so, the 13th gen and FW16 havent come out yet so we (consumers) have NO idea how many updates will come. my 12th gen came with 3.04, apparently a minor update 05 (for factory fix) version, and this beta (which is STILL public) could be replaced at any moment when they test the 07 version to be stable or ready for beta. (unless there is an even newer one in the works.)

Also curious where you folks get the notion of any unpatched CVE, i looked this thread back and only see people wanting the CVE patched (and if I read correctly, the beta 3.06 would do so). and altho logically, some parts of the 3.06 update cannot be seperated (altho pure CVE patches might be? depends on Insyde probably to adress this) I think if you want a 12th get FW, get the beta bios. 13th gen and FW16 are the latest. no idea how AMD would go for bios updates

I’ve also been falling this thread since December due to the CVE discoveries and disappointed it’s been 6 months without an official release. I’m running Mint and refrained from upgrading due to the complicated process for non-Windows systems.

The Framework team officially announced they would be releasing a new firmware to support the 61WHr What’s new in this year’s Framework Laptop 13: Part 1 (upgrades). I can only hope that they are working to integrate the fixes from 3.06 and cleanup the upgrade process based on this thread to make something rock solid for the summer.

We’re releasing firmware updates for 11th Gen and 12th Gen Framework Laptops to support the higher resulting pack voltage, and are coordinating with Google on support in the Chromebook Edition too.

2 Likes