Clevo BIOS update for Insyde vulnerability?

[SuffolkPunch]

I have just heard that the Insyde H2O BIOS (v1.07.07) on my Lafite Pro (a re-badged Clevo N141ZU) probably has serious vulnerabilities. See
https://binarly.io/news/BinarlyDiscoversHighImpactVulnerabilitiesinFirmwareImpactingMillionsofEnterpriseDevices/index.html , or google 'binarly insyde'.

PCSpecialist Support helpfully made available to me the latest BIOS version for the N141ZU in a zip file (N13x_N14xZU.nonPCS.1.07.15.zip) which I assume means version 1.07.15. However, they were unable to say what the latest BIOS version fixes, because Clevo provide little specific detail.

I am loath to re-flash the BIOS unless I know that it fixes the vulnerability!

Can anyone help?

 

[SpyderTracks]

I have just heard that the Insyde H2O BIOS (v1.07.07) on my Lafite Pro (a re-badged Clevo N141ZU) probably has serious vulnerabilities. See
https://binarly.io/news/BinarlyDiscoversHighImpactVulnerabilitiesinFirmwareImpactingMillionsofEnterpriseDevices/index.html , or google 'binarly insyde'.

PCSpecialist Support helpfully made available to me the latest BIOS version for the N141ZU in a zip file (N13x_N14xZU.nonPCS.1.07.15.zip) which I assume means version 1.07.15. However, they were unable to say what the latest BIOS version fixes, because Clevo provide little specific detail.

I am loath to re-flash the BIOS unless I know that it fixes the vulnerability!

Can anyone help?

You'd need to liaise with PCS, none of us work for them so can't comment.

 

[SuffolkPunch]

You'd need to liaise with PCS, none of us work for them so can't comment.

My post here came after chatting to PCS support. So no, unfortunately, they don't know in any useful detail what issues are fixed in any Clevo/Insyde BIOS up-dates. I posted in the hope that someone on these forums might know more (somehow)!

SP

 

[SpyderTracks]

My post here came after chatting to PCS support. So no, unfortunately, they don't know in any useful detail what issues are fixed in any Clevo/Insyde BIOS up-dates. I posted in the hope that someone on these forums might know more (somehow)!

SP

Could you post your full specs from the order page?

The only other way to find out is email clevo directly then I guess. There's no way of knowing what a BIOS update does without having a changelog, most of the time BIOS updates don't add any features, it's normally microcode updates or added support for memory dimms or something like that, there's no way anyone would know without being advised by Clevo.

 

[SuffolkPunch]

Could you post your full specs from the order page?

Happy to, but I don't see how that helps in this case!

The only other way to find out is email clevo directly then I guess.

Have emailed the UK firm listed on the Clevo contact page. Not holding my breath!

SP

 

[Scott]

Is there not a changelog in the Zip file?

 

[SuffolkPunch]

Is there not a changelog in the Zip file?

Not as far as I can see. There are .exe, .efi, .NSH, .dll, .bin files, and one pdf (which tells you how to do the BIOS update) and one .txt file. Neither the pdf nor the txt file contain changelog info.

I wonder if anyone on this forum has seen a changelog in a Clevo BIOS zip file?

 

[SpyderTracks]

Not as far as I can see. There are .exe, .efi, .NSH, .dll, .bin files, and one pdf (which tells you how to do the BIOS update) and one .txt file. Neither the pdf nor the txt file contain changelog info.

I wonder if anyone on this forum has seen a changelog in a Clevo BIOS zip file?

Clevo only liaise with OEMs, so if PCS don't know, then it's only Clevo that could tell you. Bit it's really PCS responsibility to get her that info as the OEM.

The reason I was asking for your specs was to confirm you're a PCS customer as the forum is only for support on PCS systems

 

[SuffolkPunch]

Here's my laptop order spec:

Chassis & Display
Lafité Series: Aluminium Chassis: 14" Matte Full HD IPS LED (1920 x 1080)
Processor (CPU)
Intel® Core™ i5 Quad Core Processor i5-8265U (1.60GHz, 3.9GHz Turbo)
Memory (RAM)
8GB Corsair 2133MHz SODIMM DDR4 (1 x 8GB)
Graphics Card
INTEL® HD GRAPHICS (CPU Dependant) - 1.7GB Max DDR4 Video RAM - DirectX® 12
1st M.2 SSD Drive
250GB SAMSUNG 970 EVO PLUS M.2, PCIe NVMe (up to 3500MB/R, 2300MB/W)
1st Storage Drive
1TB SEAGATE 7mm SERIAL ATA III 2.5" HARD DRIVE WITH 128MB CACHE (5,400rpm)
Memory Card Reader
Integrated 6 in 1 Card Reader (SD /Mini SD/ SDHC / SDXC / MMC / RSMMC)
AC Adaptor
1 x Lafité Series 40W AC Adaptor
Power Cable
1 x 1.5 Metre Cloverleaf UK Power Cable
Battery
Lafité Series Integrated 3 Cell Lithium Ion Battery (36WH)
Sound Card
Intel 2 Channel High Definition Audio + MIC/Headphone Jack
Wireless Network Card
GIGABIT LAN & WIRELESS INTEL® AC-9260 M.2 (1.73Gbps, 802.11AC) +BT 5.0
USB/Thunderbolt Options
1 x USB 3.1 PORT (Type C) + 2 x USB 3.1 PORTS
Keyboard Language
LAFITÉ SERIES SINGLE COLOUR BACKLIT UK KEYBOARD
Operating System
Windows 10 Home 64 Bit - inc. Single Licence [KK3-00002]
Operating System Language
United Kingdom - English Language
Windows Recovery Media
Windows 10 Multi-Language Recovery Image - Supplied on USB Drive
Office Software
Microsoft® Office Home & Business 2019 (1 Digital License)
Anti-Virus
NO ANTI-VIRUS SOFTWARE
Browser
Microsoft® Edge
Carry Case
Trust 15.6"/16" Notebook Carry Bag Classic
Keyboard & Mouse
LOGITECH® OPTICAL USB MOUSE
Webcam
INTEGRATED 1MP HD WEBCAM
Warranty
3 Year Standard Warranty (1 Month Collect & Return, 1 Year Parts, 3 Year Labour)
Delivery
STANDARD INSURED DELIVERY TO UK MAINLAND (MON-FRI)
Build Time
FAST TRACK 5 WORKING DAY DISPATCH
Promotional Item
Get Battlefield 1, creative software & More w/ select Intel CPUs!
Welcome Book
PCSpecialist Welcome Book - United Kingdom & Republic of Ireland
Logo Branding
PCSpecialist Logo