Updated: Apr 4, 2024
You can check your current BIOS version following the steps here to determine if you are on the latest release.
Downloads
Windows Driver Bundle
Download Link | SHA256 |
---|---|
https://downloads.frame.work/driver/Framework_Laptop_13_and_16_AMD_Ryzen_7040_driver_bundle_W11__2024_04_02.exe | 6e08a1080668b0d20e90483adb79ed76d83d376c26bea438030f40038d4a60f8 |
Note: We have migrated to a new EV code signing certificate with the subject “Framework Computer Inc”.
Driver bundle release notes
Driver | Version | Notes |
---|---|---|
AMD Chipset Driver | 5.06.29.310 | |
AMD Graphics Driver | 23.40.18.02 | Add support for AMD AFMF. https://www.amd.com/en/products/software/adrenalin/afmf.html |
Realtek Audio Driver | 6.0.9622.1 | |
Realtek Audio Console | 1.49.318.0 | |
RZ616 WiFi Driver | 3.3.0.908 | |
RZ616 Bluetooth Driver | 1.1037.0.395 | |
Goodix Fingerprint Driver | 3.12804.0.240 | Fix firmware security issue in fingerprint reader. More information here: A Touch of Pwn - Part I |
Windows BIOS
Download Link | SHA256 |
---|---|
https://downloads.frame.work/bios/Framework_Laptop_16_Amd_Ryzen7040_BIOS_3.03.exe | 0483dd511ce3c6644613d723f57cf88f8e04053c27c0103f9aed2b939bf9c955 |
Note: We have migrated to a new EV code signing certificate with the subject “Framework Computer Inc”.
Instructions for Windows Installer:
- Run the .exe.
- Click yes to reboot.
- Wait for the firmware progress bar to complete, and then the system will reboot.
Linux/LVFS
We are waiting for metadata to rebuild in 4 hours before this is available
Updating via LVFS is available in the testing channel during the beta period.
You can enable updates from testing by running
fwupdmgr enable-remote lvfs-testing
LVFS may not update if the battery is 100% charged. LVFS uses the battery status to determine if it is safe to apply updates. However if our battery is at 100% and the charger is off, we set the battery charging status to false. In this case you can discharge your battery a few percent, then plug in AC again and run fwupdmgr update.
Linux/Other/UEFI Shell update
Download Link | SHA256 |
---|---|
https://downloads.frame.work/bios/Framework_Laptop_16_Amd_Ryzen7040_BIOS_3.03_efi.zip | 8bfc3cb0db76b760fbb068a9fc2b62b4499d6feba92e563d437e251812f56a65 |
Note that if you use the EFI shell update with Windows, you should suspend Bitlocker if enabled before updating using the EFI updater.
Instructions for EFI shell update:
- Extract contents of zip folder to a FAT32 formatted USB drive. Cleanly unmount the drive before physically removing it, otherwise the BIOS update may not function correctly.
- Disable secure boot in BIOS.
- Boot your system while pressing F12 and boot from the thumb drive.
- Let startup.nsh run automatically.
- Follow the instructions to install the update.
Updating a Mainboard outside of a laptop
This release supports standalone updates without a battery attached. After rebooting, please follow the onscreen instructions to update your BIOS when in standalone mode, which will require moving the power source between both sides of the Mainboard to allow PD firmware to update correctly if a PD firmware update is necessary.
Security Fixes
Module Name | Vulnerability | Score |
---|---|---|
A8DAFB9B-3529-4E87-8584-ECDB6A5B78B6 | BRLY-2022-118 | 4.9 |
Enhancements
- Modify EC MMIO region definition to allow debug logging support.
- Add EC support for a full width expansion module. For potential future community developed projects.
Fixes
- Fixed issue with 2280 SSD disappearing after resuming from sleep in DC mode. This issue is present when the OS is installed on the 2230 SSD.
- Change the BIOS password to remove password expiry after one month.
- Modify the BIOS password complexity requirements to only require a minimum length.
- Fix several UCSI error messages on Linux when attaching/removing expansion cards.
- Fix battery cutoff behavior.
Component Versions
This BIOS update is a bundle of updates to multiple embedded components in the system.
Not all of them use the same version number.
BIOS | 3.03 | updated |
---|---|---|
EC | b4c1fb | updated |
PD | 0.0.1E | same |
AMD PI | 1.1.0.2a | updated |
Insyde Core | 05.53.47.0017 | updated |
Known Issues
Known Vulnerabilities
The following vulnerabilities were not detected by our scanner during the development of this release. However they are currently flagged during our release testing window. These will be resolved in the next release.
These are part of the following advisory:
And further documented here.
https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html
The network stack is not enabled by default in our BIOS, so the default configuration should not be exploitable.
We suggest disabling the network stack in the BIOS setup menu under boot options to mitigate this if you have enabled it.
Module Name | Vulnerability | Score |
---|---|---|
Ip6Dxe | CVE-2023-45232 | 7.5 |
Ip6Dxe | CVE-2023-45233 | 7.5 |
Dhcp6Dxe | CVE-2023-45230 | 8.3 |
UefiPxeBcDxe | CVE-2023-45234 | 8.3 |