Highlights
- Added Framework’s dbx key and updated the default CA of Windows Secure Boot.
- Introduced Battery Charge Limiting status functionality.
- Fixed an issue where hardware encryption on OPAL drives could cause a missing boot drive on subsequent reboots.
- Security Fixed - CVE-2024-45332, CVE-2025-4275
NOTE
This BIOS update is a multi-part update, meaning you will need to update to 3.23, and then update to 3.24. This is due to an issue that cannot update the new Microsoft secure boot CA if you update the BIOS from the previous version to 3.24 directly.
You can check your current BIOS version following the steps here to determine if you are on the latest release.
Subscribing to release notifications
If you want to subscribe to new release notifications you can now opt in through this link to receive an email when we release a new BIOS or driver update for your Framework Laptop.
Battery Extender functionality
With the high energy density on the 61Wh battery, leaving it at 100% state of charge for an extended period of time can shorten the lifetime of the battery. To prevent this, we have added a new feature that automatically limits the maximum state of charge if the system is left plugged into power for more than 5 days. The timer is reset after the system is disconnected from a power adapter for more than 30 minutes.
Battery Extender Duration | Battery State of Charge |
---|---|
0-5< Days | 99% → 100% |
5-7 Days | 90% → 95% |
>7+ Days | 85% → 87% |
This functionality also reduces cycling of the battery by allowing the battery to discharge by several percent before charging again. Note that in addition to this automatic setting, you can also manually set a lower charge limit on your battery in BIOS to further preserve battery longevity.
This feature can be disabled or enabled in the BIOS Advanced menu.
Battery Extender: This option is enabled by default. If disabled, the system will always keep the battery fully charged.
Battery Extender Trigger: This option sets the number of days that must pass before the battery state of charge is reduced automatically to extend the battery life.
Battery Extender Reset: This option sets the number of minutes that the system is running on battery before the extender is reset, causing the system to charge to 100% when attached to power again.
Battery Charge Limit Functionality
This release modifies the battery charge limit functionality to add a 5% float range. This allows us to reduce the number of microcycles on the battery when the CPU turbos.
Previously to the change in 3.07, the battery would be held at the target state of charge, so if a large power draw happened for a short time, such as when the CPU turbos, the battery would drain slightly and then charge again.
Introduced in this version, the battery will not start to charge until the battery has dropped 5% below the charge limit.
As an example, if the user sets the battery charge limit to 80%, the battery will maintain a state of charge between 80% and 75%. And will not charge up to 80% until it has discharged to 75% while the system is on.
If this is activated while the battery state of charge is above the limit, the battery will discharge without drawing power from the adapter until the upper limit is reached.
Downloads
Windows
Download Link | SHA256 |
---|---|
Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_2Steps_3.23_3.24.zip | 5B9E88AEE52EE0C740168C00F5091706166B482C51B830B4EBEC9D64BB1EE33A |
Instructions for Windows Installer:
- Ensure your system is plugged into power and your battery is charged.
- Extract the contents of the zip.
- Run the following updates in sequence. After each file is run your system will automatically restart.
- Step1_Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.23.exe
- Step2_Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.24.exe
Please note that you must update with a charger attached.
Linux/LVFS
There will not be an LVFS update for this specific release because it has an Intel CSME update, which can’t be delivered through LVFS. Use the UEFI Shell update method instead for this release.
Linux/Other/UEFI Shell update
Please note, you need to update to 3.17 or later to update using EFI, as this is needed to support capsule on disk.
We have finished the beta period, and consider this release stable. You can download the release below, please follow the update instructions below.
Download Link | SHA256 |
---|---|
Framework_Laptop_13_11th_Gen_Intel_Core_BIOS_3.23_3.24_EFI.zip | 7AE770818E37121F4BC84B8CA6B7E4583C65F8F438633C88168B87E09F67F821 |
We have rewritten the update process for EFI. This new version will stage the bios onto your internal SSD and run them all together in sequence. This is to avoid issues with usb devices disconnecting and disappearing during subsequent updates during the update process, which would cause partial updates to be applied.
Troubleshooting:
If you experience ports not working after your update. Please shutdown, unplug all power sources, wait 90 seconds, and then power on again.
Note that if you use the EFI shell update with Windows, you should suspend Bitlocker if enabled before updating using the EFI updater.
Instructions for EFI shell update:
- Extract contents of zip folder to a FAT32 formatted USB drive. Cleanly unmount the drive before physically removing it, otherwise the BIOS update may not function correctly.
- Attach a charger to your device while updating.
- Boot your system while pressing F12 and boot from the thumb drive.
- Let startup.nsh run automatically.
- This will update to 3.23. The system will reboot several times and apply 4 updates.
- After applying the first update and rebooting restart and press F12 and boot from the thumb drive a second time.
- Let startup.nsh run automatically.
- This will update from 3.23 to 3.24.
Updating a Mainboard outside of a laptop
This release supports standalone updates without a battery attached only when updating using the EFI shell method only. After rebooting, please follow the onscreen instructions to update your BIOS when in standalone mode, which will require moving the power source between both sides of the Mainboard to allow PD firmware to update correctly.
Please note that the power and display output must be connected to the same side during standalone updates. Failure to do this may result in no display output during the update process.
We recommend the following update flow for standalone updates:
Part 1
Ensure that standalone operation is enabled in the bios advanced setup menu.
Display connected to upper left port.
Power connected to the lower left port.
Run the updater from EFI shell. Please follow the “Instructions for EFI shell update” to run the updater.
Select the EFI USB Boot Device.
The Updater will update the PD controller from right side. Press any key to continue updating.
Part 2
Plug the AC to the left side, then boot to EFI updater. The Updater will update the PD controller from left side. Press any key to continue updating.
After PD updates, it will reboot automatically, then start the BIOS capsule update.
Then, the EC will update after BIOS section finishes.
Security Fixes
CVE | Note | Score (CVSS Version 3.x) |
---|---|---|
CVE-2025-4275 | A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. | 7.8 |
CVE-2024-45332 | Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.6 |
Enhancements
- Update Microcode to 0xBC.
- Added Framework’s dbx key and updated the default CA of Windows Secure Boot to Microsoft UEFI CA 2023.
- Introduced Battery Charge Limiting status functionality to support Windows Smart Charging feature.
Fixes
- Fixed an issue where hardware encryption on OPAL drives could cause a missing boot drive on subsequent reboots.
- Security Fixed - CVE-2024-45332, CVE-2025-4275
Component Versions
This BIOS update is a bundle of updates to multiple embedded components in the system.
Not all of them use the same version number.
BIOS | 3.24 | Updated |
---|---|---|
EC | ec_324_a3deac9 | Updated |
PD | 3.4.0.2576 | Same |
Intel CSME | 15.0.50.2633 | Same |
Microcode | 0xBC | Updated |
Known Issues
- The EFI update will not work with filesystems that are formatted using MBR.
- If you get a security violation as part of the EFI update. Please disable secure boot.
- This update requires a battery present to complete the update.
- Linux users have reported that S3 sleep no longer works.