Framework Laptop 13 - 11th Gen Intel Core BIOS 3.22 Release Stable

We move this version to stable.

You can check your current BIOS version following the steps here to determine if you are on the latest release.

NOTE:

  1. If you have lost your Secure Boot keys and cannot enable Secure Boot, the screen will still appear as shown in the picture below, even after setting the ‘Restore Secure Boot to Factory Settings’ option to ‘Enabled’ and then selecting ‘Save and Exit’.

    Failure Status:
    Secure Boot Database = Unlocked
    Secure Boot State = Disabled
    User Customized Security = YES

    Please use either Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22_ClearVar.exe (in Windows) or Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22_ClearVar.zip (for EFI Shell) to perform the update.

    After the BIOS update is complete:

    1. Restart your laptop and press F2 to enter the BIOS setup menu.
    2. Navigate to Security > Secure Boot.
    3. Set “Restore Secure Boot to Factory Settings” to Enabled.
    4. Save your changes and exit the BIOS. The system will then restore the secure boot key and enable secure boot automatically upon rebooting.

Subscribing to release notifications

If you want to subscribe to new release notifications you can now opt in through this link to receive an email when we release a new BIOS or driver update for your Framework Laptop.

Battery Extender functionality

With the high energy density on the 61Wh battery, leaving it at 100% state of charge for an extended period of time can shorten the lifetime of the battery. To prevent this, we have added a new feature that automatically limits the maximum state of charge if the system is left plugged into power for more than 5 days. The timer is reset after the system is disconnected from a power adapter for more than 30 minutes.

Battery Extender Duration | Battery State of Charge
0-5< Days | 99% → 100%
5-7 Days | 90% → 95%
>7+ Days | 85% → 87%

This functionality also reduces cycling of the battery by allowing the battery to discharge by several percent before charging again. Note that in addition to this automatic setting, you can also manually set a lower charge limit on your battery in BIOS to further preserve battery longevity.

This feature can be disabled or enabled in the BIOS Advanced menu.

Battery Extender: This option is enabled by default. If disabled, the system will always keep the battery fully charged.

Battery Extender Trigger: This option sets the number of days that must pass before the battery state of charge is reduced automatically to extend the battery life.

Battery Extender Reset: This option sets the number of minutes that the system is running on battery before the extender is reset, causing the system to charge to 100% when attached to power again.

Battery Charge Limit Functionality

This release modifies the battery charge limit functionality to add a 5% float range. This allows us to reduce the number of microcycles on the battery when the CPU turbos.
Prior to the change in 3.07, the battery would be held at the target state of charge, so if a large power draw happened for a short time, such as when the CPU turbos, the battery would drain slightly and then charge again.
Introduced in this version, the battery will not start to charge until the battery has dropped 5% below the charge limit.

As an example, if the user sets the battery charge limit to 80%, the battery will maintain a state of charge between 80% and 75%, and will not charge up to 80% until it has discharged to 75% while the system is on.
If this is activated while the battery state of charge is above the limit, the battery will discharge without drawing power from the adapter until the upper limit is reached.

Downloads

Windows

Download Link SHA256
Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22.exe 615BB57BDC664817DFA34E53D5D2D2E561AA3B6D8AD53BE8CB535A0FDF2BD0BE
Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22_ClearVar.exe 918D7CFF2564FA83B7BC406A7D6D89D8618C82819D0495401E718F52511770A4

Instructions for Windows Installer:

  1. Run the .exe.
  2. Click yes to reboot.
  3. Wait for the firmware progress bar to complete, and then the system will reboot.
  4. If you are updating a system in standalone mode, please pay careful attention to the standalone update process below.

Please note that you must update with a charger attached.

Linux/LVFS

There will not be an LVFS update for this specific release because it has an Intel CSME update, which can’t be delivered through LVFS. Use the UEFI Shell update method instead for this release.

Linux/Other/UEFI Shell update

Please note, you need to update to 3.17 or later to update using EFI, as this is needed to support capsule on disk.

You can download the release below; please follow the update instructions below.

Download Link SHA256
Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22.zip 6A37E0EF49066448D903BFF8502ADB3B53D576C9234C38195B930371EB7C8E74
Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22_ClearVar.zip 7B3BCCC8831DDFC76185B3761396C4221EEA032BD17609FFAD44E1124BE3AC3A

We have rewritten the update process for EFI. This new version will stage the BIOS onto your internal SSD and run them all together in sequence. This is to avoid issues with USB devices disconnecting and disappearing during subsequent updates during the update process, which would cause partial updates to be applied.

Troubleshooting:
If you experience ports not working after your update, please shut down, unplug all power sources, wait 90 seconds, and then power on again.

Note that if you use the EFI shell update with Windows, you should suspend BitLocker if enabled before updating using the EFI updater.

Instructions for EFI shell update:

  1. Extract contents of zip folder to a FAT32 formatted USB drive. Cleanly unmount the drive before physically removing it, otherwise the BIOS update may not function correctly.
  2. Boot your system while pressing F12 and boot from the thumb drive.
  3. Let startup.nsh run automatically.
  4. Follow the instructions to install the update.

Updating a Mainboard outside of a laptop

This release supports standalone updates without a battery attached only when updating using the EFI shell method. After rebooting, please follow the onscreen instructions to update your BIOS when in standalone mode, which will require moving the power source between both sides of the Mainboard to allow PD firmware to update correctly.

Please note that the power and display output must be connected to the same side during standalone updates. Failure to do this may result in no display output during the update process.

We recommend the following update flow for standalone updates:

Part 1

Ensure that standalone operation is enabled in the bios advanced setup menu.

Display connected to upper left port.
Power connected to the lower left port.
Run the updater from EFI shell. Please follow the “Instructions for EFI shell update” to run the updater.

Select the EFI USB Boot Device.

The Updater will update the PD controller from right side. Press any key to continue updating.

Part 2

Plug the AC to the left side, then boot to EFI updater. The Updater will update the PD controller from left side. Press any key to continue updating.

After PD updates, it will reboot automatically, then start the BIOS capsule update.

Then, the EC will update after BIOS section finishes.

Security Fixes

CVE | Note | Score (CVSS Version 3.x)
CVE-2023-38655 | Improper buffer restrictions in firmware | 6.8
CVE-2022-35897 | A stack buffer overflow vulnerability leads to arbitrary code execution issue | 6.8
CVE-2024-49200 | AcpiS3SaveDxe and ChipsetSvcDxe | 6.4
CVE-2024-30211 | Improper access control in some Intel(R) ME driver pack installer | 6.0
CVE-2023-40067 | Unchecked return value in firmware | 5.7
CVE-2024-28956 | Enhancement to address security vulnerability | 5.6
CVE-2023-34424 | Improper input validation in firmware | 4.4
CVE-2024-21844 | Integer overflow in firmware | 4.3
CVE-2023-35061 | Improper initialization | 4.3
CVE-2024-26021 | Improper initialization in the firmware | 2.3
CVE-2023-48361 | Improper initialization in firmware | 2.3

Enhancements

  1. Updated Intel CSME to 15.0.50.2633_Consumer.
  2. Updated Microcode to 0xBA.
  3. Added automatic battery lifetime extender if the system is attached to AC for several days.
  4. Added BIOS option to prevent TPM PCRs changing when TBT eGPU is attached.
  5. Dual Display (Panel + External Monitor) support for pre-boot (BIOS/POST).

Fixes

  1. Fixed issue where the system cannot power on automatically when “power on AC attach” was enabled.
  2. Fixed missing secure boot key that prevented secure boot from being enabled.
  3. Fixed CVE-2023-38655, CVE-2023-40067, CVE-2023-34424, CVE-2023-35061, CVE-2024-21844, CVE-2023-48361, CVE-2024-26021, CVE-2024-30211, CVE-2024-28956, CVE-2024-49200, and CVE-2022-35897.

Component Versions

This BIOS update is a bundle of updates to multiple embedded components in the system.

Not all of them use the same version number.

BIOS | 3.22 | Updated
EC | hx20_v0.0.1-a7cf293 | Updated
PD | 3.4.0.2576 | Same as previous version
Intel CSME | 15.0.50.2633 | Updated

Known Issues

  1. The EFI update will not work with filesystems that are formatted using MBR.
  2. If you get a security violation as part of the EFI update, please disable secure boot.
  3. This update requires a battery present to complete the update.
  4. Linux users have reported that S3 sleep no longer works.
3 Likes
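
A way to check a downloaded updater against the SHA256 values in the download tables of the post above before running it. This is an added example, not Framework's tooling; the function names are assumptions of the example, and the comparison ignores case because the post lists digests in upper case while most tools print lower case.

```python
import hashlib
import hmac
import sys
from pathlib import Path

# SHA256 values copied from the download tables in the release post.
PUBLISHED_SHA256 = {
    "Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22.exe":
        "615BB57BDC664817DFA34E53D5D2D2E561AA3B6D8AD53BE8CB535A0FDF2BD0BE",
    "Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22_ClearVar.exe":
        "918D7CFF2564FA83B7BC406A7D6D89D8618C82819D0495401E718F52511770A4",
    "Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22.zip":
        "6A37E0EF49066448D903BFF8502ADB3B53D576C9234C38195B930371EB7C8E74",
    "Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.22_ClearVar.zip":
        "7B3BCCC8831DDFC76185B3761396C4221EEA032BD17609FFAD44E1124BE3AC3A",
}


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large updater is never read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, published=PUBLISHED_SHA256):
    """Return (ok, message) for one downloaded file.

    The lookup is by exact file name, so a renamed copy such as
    'name (1).exe' is reported as unlisted instead of being matched loosely.
    """
    name = Path(path).name
    expected = published.get(name)
    if expected is None:
        return False, f"{name}: not listed in the release post"
    actual = sha256_file(path)
    # The post prints digests in upper case; hexdigest() is lower case.
    if not hmac.compare_digest(actual.lower(), expected.strip().lower()):
        return False, f"{name}: SHA256 mismatch, got {actual.upper()}"
    return True, f"{name}: SHA256 matches the published value"


if __name__ == "__main__":
    results = [verify_download(p) for p in sys.argv[1:]]
    for ok, message in results:
        print(("OK   " if ok else "FAIL ") + message)
    # Non-zero exit on any failure, or when no file was given.
    sys.exit(0 if results and all(ok for ok, _ in results) else 1)
```

Run it with the downloaded file paths as arguments; a non-zero exit status means at least one file should not be flashed.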

This doesn’t apply yet, assume copypasta oversight.

1 Like

Thanks! Corrected.

Updating from 3.20 via the UEFI shell without the AC adapter plugged in silently fails: no error is shown and the BIOS version is still the same after reboot.

Forcing the textual mode as shown here (removing the winux.bin file from the CapsuleApp.efi invocation in startup.nsh) correctly shows the error instead of just rebooting.

1 Like

Does this BIOS have a fix for this issue: Sleep issues after 3.19 BIOS update - 11th Gen Intel Framework 13 - #38 by Emmett_Butler

I’m getting sick of having to pull the battery every once in a while when I mess up my linux configurations

I applied the Windows driver updates and then tried to apply the BIOS updates. (I usually use Linux, but the Windows procedure seemed simpler.) At the end I got “ESP Disk Space not enough”. I’m not sure what state my BIOS was left in and whether it’s safe to reboot. Is there a fix for this that doesn’t require changing partition sizes? Would I get the same error trying the standalone UEFI upgrade procedure?

Thank you very much for another (security) update :sparkling_heart:

I experimented and answered some of my questions, but ended up with a catastrophic (for me) problem with the new BIOS.

I rebooted, and was able to boot into Ubuntu after the failed Windows .exe firmware upgrade. I saw that 3.22 can only be installed via UEFI shell from 3.17 or higher, so I installed 3.17 via fwupdmgr, and then was able to follow the UEFI shell procedure to upgrade to 3.22 from a USB drive.

At first that worked, and gave me the UEFI firmware settings, GRUB menu, and LUKS disk-unlocking screen on my external monitors, which was super-exciting for me since it would have made booting my laptop with a dock so much easier, and not required me to temporarily have my laptop somewhere where the lid could be open to boot it!

After a couple reboots that way, I decided that now that I could boot my Framework with the lid closed, I should enable “automatic power-on on power attach” or whatever it’s called in settings, so I could just plug in my dock when I get to work. And that did not work. Moreover, it seems to have broken all external monitor support through my (CableMatters) Thunderbolt dock. I no longer see any video via the dock: not when booting nor when Ubuntu is running. (I haven’t tried booting into Windows yet to see whether Windows sees the displays connected to the dock.)

This basically makes the laptop unusable for me for work. (I guess I could give up two ports and plug in two HDMI cards — the USB keyboard and mouse still work through the dock. I know I ordered two HDMI cards with my laptop but I can only find one of them at the moment. I presume two HDMI adapters would work with the lid closed; haven’t tested though.)

Note that I have turned off automatic boot when power is connected again, but I still have no video out. Maybe I should try pulling the battery to clear all state and see if that makes a difference, but it’ll be a while before I can try that.

(No criticism of Framework/Insyde here — this is a beta update! And I’m not even 100% sure the BIOS update is the issue; it may be coincidental!)

1 Like

If you haven’t done that yet: Turn off the computer (no hibernation). Unplug the power cable and any peripherals (maybe even remove all expansion cards). Wait a couple of minutes (this will reset the embedded controller). Then plug in (USB-C expansion cards if removed and) the power cable. Turn the laptop on and boot into an OS of your choice. If necessary, plug in the rest of the expansion cards.

This can sometimes “revive” the full capabilities of the usb ports if the embedded controller got confused for whatever reason.

1 Like

Thanks! I had sort of tried that, but without removing expansion cards or waiting more than ~20-30sec. I tried waiting a full two minutes and pulling all expansion cards, and also chose “disconnect battery” in settings, and that worked, however, it seems not always to last.

My first boot after doing that was smooth and I got the boot screen, GRUB, and LUKS decryption screen on the external monitors. After powering off but not pulling power, though, I lost access to the external monitors again.

But doing it a second time fixed things again, and this time I’ve been through one warm reboot and one shutdown-and-power-on-without-pulling-power, and all connected monitors are on again.

Bits of this are sort of mirroring intermittent problems I had under BIOS 3.07, where sometimes my external monitors would stop working for a little while, I think I always had accidentally left the Framework off for a while before trying again and they started working again before I put too much effort into debugging things. Weirdly, I used to reliably get the GRUB screen and LUKS decryption prompt on all monitors, until I upgraded from Xubuntu 22.04 to 24.04. I never got firmware boot messages or the UEFI settings on external monitors before 3.22, though. And my problems today were definitely not Ubuntu-related because I was seeing the same thing in Windows. Thanks to you, @next_to_utter_chaos, I think I now know how to get things working if they fail, but I would love to have external video work more consistently and reliably.

2 Likes

Excellent, not sure why everyone and their brother seems to think that throwing in graphics makes things better. Time to grab that laptop and fire up the update. Also super happy my previous docs on how to do this stuff without windoze are useful to others even if Framework won’t release the version from their partner Insyde directly.

Not sure how I missed this thread for the past 5 days…but I’m sooo happy to see we’re still getting BIOS updates, with new features / behaviour and CVE updates. Thank you!

Update: The 5% float isn’t working for me. Charge limit set to 72%. Expectation is that I should not see a “Charging” / “Discharging” flip-flop while the battery is between 67-72% charged. Reality is that the battery still gets micro discharged…and near-immediately being charged again.

OS: Ubuntu 24.04.2 LTS
Kernel: 6.11.0-25-generic
Happens regardless of which of the three Power Modes the laptop is in.
Power adapter: Able to deliver up to 98w.

Back on the shelf it goes.

Update 2: Just re-read the OP… “This allows us to reduce the number of microcycles on the battery when the CPU turbos.” Maybe it is working as intended then, it seems like there’s a reduction on the number of microcycles…just not eliminated.
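
The charge-limit float described in the release notes, as an added simulation that is not Framework firmware code. It is a simplified model: the burst size, the step length and the recharge rate are constructed values, and it compares holding the battery at the target with waiting until it has dropped 5% below the limit.

```python
CHARGE_STEP = 1.0  # assumed: percent of charge regained per step while charging


def simulate(limit, float_pct, drains):
    """Return (charge_starts, final_soc) for a battery that begins at `limit`.

    drains:    constructed per-step losses, in percent of charge, while on AC
               (a short turbo burst the adapter does not fully cover).
    float_pct: 0 models the earlier hold-at-target behaviour,
               5 models the float range described in the release notes.
    """
    soc = float(limit)
    charging = False
    starts = 0
    for drain in drains:
        soc -= drain
        if charging:
            # Charge back up to the limit, then stop.
            soc = min(float(limit), soc + CHARGE_STEP)
            charging = soc < limit
        elif soc < limit and soc <= limit - float_pct:
            # Charging only begins once the lower edge of the float is reached.
            charging = True
            starts += 1  # one charge start = one microcycle begun
    return starts, soc


# Constructed workload: ten turbo bursts of 0.5% each, three idle steps apart.
BURSTS = [0.5, 0.0, 0.0, 0.0] * 10


def compare(limit=80):
    """Charge starts and final state of charge, hold-at-target vs 5% float."""
    return simulate(limit, 0, BURSTS), simulate(limit, 5, BURSTS)


if __name__ == "__main__":
    hold, floating = compare()
    print("hold at target:", hold)
    print("5% float:      ", floating)
    # With a 72% limit, nine bursts stay inside 67-72%, so no charge starts.
    print("72% limit:     ", simulate(72, 5, [0.5] * 9))
```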

I wasn’t able to get the update to work on my standalone mainboard running 3.19. I followed the directions exactly and the EFI update booted from USB, flashed something, and then rebooted. The display turns on, but then the board powers off and reboots to Windows.

I made sure to have USB-C power and HDMI display on the left, USB-A keyboard and USB-A flash drive on the right. As of now, I’m still on 3.19.

The capsule updates will do the capsule on disk, so you need to check whether your ESP partition still has enough space.

Do you use it in standalone mode?

Did you connect the battery? There is a known issue that the update requires a battery present to complete the update. This issue is fixed on 3.22, so if you update from a previous version in standalone mode, you need to connect both AC and battery.

Hmmm. Per the instructions, I set DisableCapsuleUpdateOnDisk=true before upgrading to 3.17 with fwupdmgr. Then I followed the standalone procedure to update to 3.22 from the UEFI Shell using a flash drive, and that succeeded and dmidecode (plus the changed video behavior and the additional options in UEFI settings!) confirms I’m at 3.22. I was a little worried when I saw something about the BIOS upgrade being staged to flash, but it did work. Maybe doing it from Windows just takes more space on the ESP partition than doing it from UEFI Shell for some reason (or maybe I’m misunderstanding what “staging to flash” means).

It looks like the biggest things in /boot/efi are fwupd-b3bdb2e4-c5cb-5c1b-bdc3-e6fc132462ff.cap (which I’m guessing I don’t need any more, since my firmware is already up to date) and some CJK Microsoft boot fonts which I’m guessing I could delete safely as long as I don’t set a CJK language as my system language in Windows. But I’m up to date and I’ve got 33MB free in the 100MB partition so I guess I won’t worry about it.

Thanks!

I’m not sure what “standalone mode” means here. If bare motherboard without case, then no. If you’re talking about how I did the 3.22 upgrade, then that was from the UEFI shell by booting from a flash drive (as opposed to under Windows or Linux).

I see where the confusion is. So once the update is installed, the battery shouldn’t be required for the next one? I’ll have to give it a try if I end up with the battery out of the laptop.

Yes, with version 3.22, there is no need for the battery in the future. BTW, you have executed the script file one time, so the CSME firmware has been updated. If you run the script again, you may see an error that VCN is not allowed to update the same version. It is expected because the CSME firmware has been updated to the latest, so it won’t do it again.