The only thing that it flags as an issue is CSME version. Looking at the documentation for this tool: FwupdPlugin – 1.0: Host Security ID Specification It seems like this is something that has to be updated in the BIOS.
Is this something I should be worried about, or can it be disregarded?
What did you do to get Encrypted RAM? That’s showing as disabled for me, so not sure what I missed (swap and my boot disk are both encrypted as far as I can see)
IIRC there’s an option for it in the BIOS if you have the 11th gen i7-1185G7. I could be wrong, though, so it’s always worth checking. It should be near other settings related to the CPU.
It seems like we either have to wait for Intel and or Framework to release an update. I’m not really sure which one, since I’m struggling to find if patches are CPU-specific and if one is available for the 11th gen i7-1185G7.
Thank you for your patience, I’ve escalated this report to our Lead Engineer who has confirmed that this will not be updated in the forthcoming 3.17 BIOS update, but is now planned to be updated/fixed in BIOS 3.18 hopefully due later this year.
Regards,
This is great to hear. I really appreciate that they escalated the issue and that they were able to respond so quickly! Thanks Framework Support, I’m looking forward to BIOS 3.18!
I asked the support for an ETA on a new gen 11 firmware including the security fixes. Unfortunately they could not provide a time frame for the update.
Hi,
the latest firmware update (3.17) for the gen 11 did not include Intel Management Engine related security fixes. What’s the ETA for the next firmware release that will include the security fixes?
Thanks for reaching out to Framework Support. Unfortunately, we currently don’t have an estimated timeline for the next firmware release but rest assured that our team is working on it and will surely announce the details when it happens. If you have other concerns or inquiries, please don’t hesitate to reach out. Thank you for your patience.
Thanks for updating this thread and thank you for reaching out to our support team, firmware updates shouldn’t be that long to be released, will update this space once it’s out.
I am having trouble justifying an upgrade if this significant delay is indicative of how Framework is going to address known vulnerabilities in their firmware. This thread discusses a vulnerability that could/should have been addressed in an update that was released more than 6 months ago but was not and no subsequent update has been forthcoming.
I get that priority is most likely 100% on the new AMD firmware and that Framework is operating with limited resources, though this is kind of a bummer. It’s already end of June and there is no update on this topic. Like @JoshB mentioned, if this is an indicator on how framework manages firmware vulnerabilities for older devices, It’s hard to recommend them for business use even though I’d really like to.
@43c I’m grumpy that firmware related news of any kind is relegated to the backseat by the firmware team…now I’m trying to figure out just what exactly I’m going to do about it.
@GhostLegion It does suck we basically have no official timeline on firmware release for existing products with the fixes.
I saw @Kieran_Levin comment on the 12th Gen beta firmware post, They are testing out a new version and will try to get it out soon after validation.
let’s see how that goes.
