• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

ASRock Z370 Taichi, Z270 SuperCarrier (and some others, actively modding!) Firmware with Intel Management Engine Disabled

Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#1
This is simply 1.80 "Instant Flash" firmware for the Z370 Taichi (and now with help from @Mork_vom_Ork, the Z270 SuperCarrier v2.40) straight from ASRock stock unmodifed (minus some sig checks disabled) other than the Intel Management Engine firmware being scrubbed/disabled/neutered with the available me_cleaner tools from github.

There are also experimental images for other boards.

It should be noted that me_cleaner does not completely remove the Intel ME anymore (that's impossible) however it does rather install "neutered" firmware that removes as much as it can and instructs the coprocessor to shutdown the management engine completely following POST.

The effect is the management engine and all it's features no longer function. Don't install this if you depend on something the management engine provides (Intel's software TPM functionality or similar come to mind, SGX extensions maybe, not much else if anything really).

Everything else on the board works as far as I can tell, including overclocking (though I did not test BCLK OCing) and fan control.

You can revert to the old firmware at any time.

INSTRUCTIONS:

File is a zip. Unzip single contained file to FAT32 USB. Do not rename the file. Instant Flash tool in their stock UEFI will now find it and allow you to flash it (unless you turned USB support off at boot time, of course).

If you get a sig check warning, try flashing from an older stock bios.

Also, you are downloading this from a PC that is actively crypto mining. It shouldn't effect anything, and is being done to save energy over a separate server, but needless to say if your download breaks, it probably rebooted. Try again.

Questions/comments go in this thread. Technical discussion / bug reports only please. I want to keep this thread clean of any politics besides my own. :laugh:

Stable Board Downloads here:

Experimental Board Firmware here: (be sure and read the readme/warning for these images)


The two sections are optional reading, and apply (mostly) to when this thread only supported the Z370 Taichi.

Some tech notes: This was a bit more than just running "me_cleaner.py" on the bios image. ASRock won't flash the ME region of the bios unless it thinks it's newer than the existing one. So I had to splice in newer than ASRock's latest ME firmware (it exists) and then disable that particular ME image with me_cleaner. ASRock Firmware then accepts it as newer and will flash it to the ME region, disabling the Intel ME entirely. From there, you can revert back to ME-enabled firmware freely, because this special image identifies as "Intel ME version 0.0.0.0" so ASRock thinks literally ANY other image on earth is newer than this one. It's harmless to try, though obviously you do so at your own risk, like any BIOS flash. I will say I have had absolutely zero issues.

Note that I can support other boards but I'm familiar most with GIGABYTE and ASRock sig checks (with maybe a side of ASUS), and I won't be able to test preflash, so you would have to flash at your own risk with no testing done.

Some political notes: I do not subscribe to the idea that the Intel Management Engine is a "NSA backdoor" or any of that tinfoil-hat garbage. People who don't understand technology need to get a grip and listen to those who at least somewhat do: There's really no way it can be, as it's web traffic and stack is wiresharkable so if that were the case we'd know by today. Yes they could encrypt it but we'd still see an encrypted data stream at random times that'd be suspicious, and we don't. To Intel's limited credit, it actually seems to try to do exactly what it says on the tin. But what I object to (and what I hate equally about AMD's PSP) is that this is effectively a closed binary which has been found to have many holes, many times. From a security perspective, you are much better off disabling it, regardless of what Intel intends. As far as AMD vs Intel, there is no "psp_cleaner" and little research has been done into AMD's PSP, so for the security minded, I'd say an Intel platform is still far better given we understand far more about this ghost in our machine (and thus how to defeat it) than the other teams. I am unaware of anyway to defeat the PSP, and if AMD's claims are to be believed, it's actually not possible as it sets up essential boot time memory. Seriously bad practice if true, IMO.
 
Last edited:

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
23,752 (5.68/day)
Likes
7,684
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
#2
This is simply 1.80 "Instant Flash" firmware for the Z370 Taichi straight from ASRock stock unmodifed (minus some sig checks disabled) other than the Intel Management Engine firmware being scrubbed/disabled/neutered with the available me_cleaner tools from github.

It should be noted that me_cleaner does not completely remove the Intel ME anymore (that's impossible) however it does rather install "neutered" firmware that removes as much as it can and instructs the coprocessor to shutdown the management engine completely following POST.

The effect is the management engine and all it's features no longer function. Don't install this if you depend on something the management engine provides (Intel's software TPM functionality or similar come to mind, SGX extensions maybe, not much else if anything really).

Everything else on the board works as far as I can tell, including overclocking (though I did not test BCLK OCing) and fan control.

You can revert to the old firmware at any time.

INSTRUCTIONS:

File is a zip. Unzip single contained file to FAT32 USB. Do not rename the file. ASRock Instant Flash tool in their stock UEFI will now find it and allow you to flash it (unless you turned USB support off at boot time, of course).

Also, you are downloading this from a PC that is actively crypto mining. It shouldn't effect anything, and is being done to save energy over a seperate server, but needless to say if your download breaks, it probably rebooted. Try again.

Questions/comments go in this thread. Technical discussion / bug reports only please. I want to keep this thread clean of any politics besides my own. :laugh:

Downloads here:


The two sections are optional reading.

Some tech notes: This was a bit more than just running "me_cleaner.py" on the bios image. ASRock won't flash the ME region of the bios unless it thinks it's newer than the existing one. So I had to splice in newer than ASRock's latest ME firmware (it exists) and then disable that particular ME image with me_cleaner. ASRock Firmware then accepts it as newer and will flash it to the ME region, disabling the Intel ME entirely. From there, you can revert back to ME-enabled firmware freely, because this special image identifies as "Intel ME version 0.0.0.0" so ASRock thinks literally ANY other image on earth is newer than this one. It's harmless to try, though obviously you do so at your own risk, like any BIOS flash. I will say I have had absolutely zero issues.

Note that I can support other boards but I'm familiar most with GIGABYTE and ASRock sig checks (with maybe a side of ASUS), and I won't be able to test preflash, so you would have to flash at your own risk with no testing done.

Some political notes: I do not subscribe to the idea that the Intel Management Engine is a "NSA backdoor" or any of that tinfoil hate-garbage. People who don't understand technology need to get a grip and listen to those who at least somewhat do: There's really no way it can be, as it's web traffic and stack is wiresharkable so if that were the case we'd know by today. Yes they could encrypt it but we'd still see an encrypted data stream at random times that'd be suspicious, and we don't. To Intel's limited credit, it actually seems to try to do exactly what it says on the tin. But what I object to (and what I hate equally about AMD's PSP) is that this is effectively a closed binary which has been found to have many holes, many times. From a security perspective, you are much better off disabling it, regardless of what Intel intends. As far as AMD vs Intel, there is no "psp_cleaner" and little research has been done into AMD's PSP, so for the security minded, I'd say an Intel platform is still far better given we understand far more about this ghost in our machine (and thus how to defeat it) than the other teams. I am unaware of anyway to defeat the PSP, and if AMD's claims are to be believed, it's actually not possible as it sets up essential boot time memory. Seriously bad practice if true, IMO.
What about System Management bus?
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#3
What about System Management bus?
SMBus has little to do with the risks of the management engine. AFAIK it only is a simple two wire bus for things like power management, has no real processing abilities, and is inapplicable here / we certainly wouldn't want to disable it. Honestly, I'm not even sure if that's possible.

If your asking if power management and such function, yes, they do. SMbus is not disabled.

Some reading.

https://en.wikipedia.org/wiki/System_Management_Bus
 
Last edited:

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
23,752 (5.68/day)
Likes
7,684
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
#4
SMBus has little to do with the risks of the management engine. AFAIK it only is a simple two wire bus for things like power management, has no real processing abilities, and is inapplicable here / we certainly wouldn't want to disable it. Honestly, I'm not even sure if that's possible.

If your asking if power management and such function, yes, they do. SMbus is not disabled.

Some reading.

https://en.wikipedia.org/wiki/System_Management_Bus

Okay so it's a self-contained bus then not able to be extremely modified other than a firmware update so it has no Communications Bridge with the internet.

Just the name itself, made my stomach tied in a knot.

Yeah I just never looked up the SM bus
 
Joined
Mar 23, 2016
Messages
1,465 (1.48/day)
Likes
1,617
Location
AK, USA
Processor Ryzen 5 2600X
Motherboard MSI B350M Gaming Pro
Cooling Scythe Kotetsu with AM4 bracket
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) XFX RS RX 480 GPU @ 1288 MHz - 1.040 mV from 1.175 | GDDR5 @ 2075 MHz
Storage Samsung 850 EVO 250 GB, SanDisk Ultra II 480 GB
Display(s) IP2362 OCed refresh rate - 76Hz (Freesync supported over HDMI with CRU)
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) Realtek ALC887 (dead)
Power Supply EVGA 850 BQ
Mouse Kingston HyperX Pulsefire FPS
Keyboard Logitech K520
Software Windows 10 Professional 64-bit
#5
Shame the x86 Quark on the PCH couldn't be re-purposed after POST.
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#6
Shame the x86 Quark on the PCH couldn't be re-purposed after POST.
The firmware is signed, or I'd be doing all sorts of fun assembly code with it. ;)

Though it's actually in the CPU now. Versions on the PCH weren't x86, I think they were actually ARC cores.

The only reason we are able to do this is because Intel was kind enough to not check certain firmware volumes signatures if they don't exist, at least at present. Frankly, I'm surprised they've kept that policy this long.
 
Joined
Jun 29, 2011
Messages
347 (0.13/day)
Likes
70
System Name ---
Processor Ryzen 1600
Motherboard ASRock Taichi X370
Cooling Noctua D15
Memory G.Skill 3200 DDR4 2x8GB
Video Card(s) EVGA 1080 TI
Storage 500GB Samsung Evo 960 NVMe + 5x 2TB HDDs
Display(s) LG EF9500 55"
Case Haf X (Red)
Audio Device(s) Onboard
Power Supply Corsair AX850
#7
This is the first I have ever heard about IME. I only clicked the link because I have this motherboard. What is the benefit of going through this? Just to prevent potential security breeches?
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#8
Yes, basically. You trade some mostly insignificant functionality for better security.
 

tpupusr

New Member
Joined
May 30, 2018
Messages
2 (0.01/day)
Likes
1
#9
Hi, would you walk us through the process of doing this for an Asus Strix Z370-G Gaming bios? I really want to build a m-atx system and this looks like the best board. I'm comfortable doing external flashing of SPI chip if that's necessary or applicable. Thanks a lot!
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#10
Hi, would you walk us through the process of doing this for an Asus Strix Z370-G Gaming bios? I really want to build a m-atx system and this looks like the best board. I'm comfortable doing external flashing of SPI chip if that's necessary or applicable. Thanks a lot!
I tried a recent ASUS board (the somewhat similar Z270F in the "EXPERIMENTAL" folder, doesn't work BTW so was removed) and ASUS has made it harder since they went all "capsule" based images. I'm actually surprised, because I can't find a work around for any of the more recent ASUS boards.

Your best "sure-fire" bet is to open your stock image in a tool like "UEFITool" and extracting as-is the "Intel Image" segment directly beneath the capsule. Then mod that, and SPI flash that to your board.

If you want I can prepare an SPI flashable image for you, if you know how to SPI flash.

EDIT:

There are now two experimental images in the http://glacialsoftware.net/FIRMWARE/EXPERIMENTAL/ folder supporting the Strix Z370-G

The .CAP version MIGHT just work via q-flash in the bios, but it's a long shot (will most likely fail to flash the ME harmlessly, no real brick risk there, it will just skip the ME update part of the flash). It's more likely this will work than that if you have to not use an external programmer, but there is a small brick risk:

Using the ASUS AI Suite
Our Forum member Wishbringer reported, that he was able to successfully flash modded *.CAP BIOSes into the BIOS chip of several Intel 7-, 8- and 9-Series Chipset ASUS mainboards by doing the following:
  1. Download AI-Suite (when not for Win10 available use Version for 8.1)
  2. Start Easy Update for BIOS Update in Windows, select ORIGINAL file (then some timeconsuming checking seems to happen)
  3. Before start flashing delete selected original file and replace with modded one (same name, same location).
  4. Proceed with bios flash.
Credit to win-raid.com forums.

There is also a .ROM version of the image. An SPI programmer can use that. I am not sure if it'll preserve your mac address or if that is saved in your old image though, so make a back up of your original image in case you need "AFS" (After Flashing Support) to patch that back in. ;)
 
Last edited:

tpupusr

New Member
Joined
May 30, 2018
Messages
2 (0.01/day)
Likes
1
#11
R-T-B, Thank you for the informative and helpful response. There is a lot for me to parse through here. I've been doing some additional reading and came across this link:
https://github.com/corna/me_cleaner/issues/98#issuecomment-345777663

Is this essentially what you did? I'm interested in learning the actual process myself (though I very much appreciate your supplied files and may end up using them if I can't figure it out on my own).

Finally, as a general question, it seems like as long as I'm using an external SPI programmer, I have three least likelihood of bricking the system since I can always just rewrite the original bios backup. Correct? (Btw, I'm using a RPI with a chip clip and flashrom).

Thanks again!
 
Last edited:
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#12
Is this essentially what you did? I'm interested in learning the actual process myself (though I very much appreciate your supplied files and may end up using them if I can't figure it out on my own).
Yes for the .ROM image, although my .ROM does not contain a MAC and it appears you WILL need to transfer that manually (unless you like your mac being "88:88:88:88:88", which can be an issue). I can help you with advice on how to do that if you'd like. :)

Finally, as a general question, it seems like as long as I'm using an external SPI programmer, I have three least likelihood of bricking the system since I can always just rewrite the original bios backup. Correct? (Btw, I'm using a RPI with a chip clip and flashrom).
Yep, with an SPI and chip clip as long as you can read/flash succesfully and have a backup there is really no brick risk. Actually, it can even be a profitable endeavor to rescue "bad bios flash" board from ebay this way if so inclined. ;)

Thanks again!
No problem! Good luck. :)
 
Joined
Jun 2, 2018
Messages
24 (0.13/day)
Likes
13
#13
Hi there R-T-B,

ist possible to just do the "Intel ME version 0.0.0.0" stuff on latest ASRock Z270 Super Carrier bios 2.40 - so i can flash ME firmware with v11.6.xx.xx ?
Currently i have ME firmware 11.8.50.34, but i need to downgrade to 11.6.10.xx - which then might be possible w/o smi programming the whole BIOS chip with an earlier BIOS (like 2.20).
I could upload the desired BIOS somewhere if you could manage this.

Any help is appreciated,
regards... Mork vom Ork
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#14
Hi there R-T-B,

ist possible to just do the "Intel ME version 0.0.0.0" stuff on latest ASRock Z270 Super Carrier bios 2.40 - so i can flash ME firmware with v11.6.xx.xx ?
Currently i have ME firmware 11.8.50.34, but i need to downgrade to 11.6.10.xx - which then might be possible w/o smi programming the whole BIOS chip with an earlier BIOS (like 2.20).
I could upload the desired BIOS somewhere if you could manage this.

Any help is appreciated,
regards... Mork vom Ork
I can certainly try, but out of curiousity, why downgrade? Most of the time that's a pretty bad idea...
 
Joined
Jun 2, 2018
Messages
24 (0.13/day)
Likes
13
#15
cause i want to try to get an i3-8350K CoffeeLake CPU running on that board - and therefor i need to downgrade to ME 11.6.xx.xx - cause Intel disabled this feature in all newer ME firmwares.
Of cause you need to modify some other values within the BIOS, too - like Coffeelake Microcode, lates VBIOS and GOP driver - but this all is already done.
 
Joined
Oct 17, 2014
Messages
1,756 (1.16/day)
Likes
792
Location
USA
System Name $170 family PC, rest was reused old parts.
Processor Ryzen Athlon 200GE @ 3.2Ghz ($55)
Motherboard Biostar A320M Pro ($42)
Memory 8gb (2x4) DDR4 2666 CAS 15-15-15 ($63)
Video Card(s) Vega 3 Integrated
Storage 120GB SSD
Display(s) AOC 22V2H 21.5" Frameless 75hz Freesync
Case Thermaltake View 22
Audio Device(s) Schiit Modi 3 + Custom Tube Amp + Sennheiser HD58X
Power Supply Corsair 750w Bronze
Mouse Roccat Kone AIMO
Keyboard Logitech G610+ Cherry MX Red
Software Ubuntu
#16
Almost bought that mobo, but I got the MSI Z370 Tomahawk on sale for $105 shipped, and it apparently has better VRM cooling than most mobos according to tweaktown. My first choice was this Taichi though.
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#17
cause i want to try to get an i3-8350K CoffeeLake CPU running on that board - and therefor i need to downgrade to ME 11.6.xx.xx - cause Intel disabled this feature in all newer ME firmwares.
Of cause you need to modify some other values within the BIOS, too - like Coffeelake Microcode, lates VBIOS and GOP driver - but this all is already done.
AFAIK scrubbing the ME may acomplish the same thing, but I will produce a scrubbed image for you to try. If it does not work, try downgrading, it should allow it if it behaves like the Taichi...

Expect an experimental image later today. Obviously you try it at your own risk.

EDIT: If you have an image you want me to try this on, please upload it somewhere and link. I'll begin work on this probably around noon PST if it's available by then. I'll also produce a "stock" image for my collection of course.
 
Last edited:
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#19
Thanks. That archive has both 2.40 (stock) and 2.50 (modded), with your changes aparently in 2.50. Is there any reason for me to mod both, or is 2.50 enough?

Your board doesn't have any kind of antidowngrade other that the ME stuff, right?
 
Joined
Jun 2, 2018
Messages
24 (0.13/day)
Likes
13
#20
2.50 is right of cause. didn't noticed, that 2.40 is also in that ZIP file.
And yes, you are right: no other way to downgrade firmware in any other way.

YOU ARE OUR LAST HOPE, Obi Wan Kenobi.
 
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#21
Hello, all done. As usual, this is completely untested so I suggest you are prepared to buy a programmer if something goes wrong:

This should work in the native UEFI flashing app:

http://glacialsoftware.net/FIRMWARE/EXPERIMENTAL/

First, download the one without the "CL" and flash it. You should be at version 0.0.0.0 now.

Now, download the one marked "CL." It should support Coffee Lake from including your mods.

You may need to rename them their stock names for the flashing app to find them. BTW there is no 2.50 version, there is only 2.40. I assume you did a little version bump of your own. ;)
 
Joined
Jun 2, 2018
Messages
24 (0.13/day)
Likes
13
#22
Thanx in advance. I will try now, so stay tuned for my feedback.
And yes: i named the file 2.50 to recognize that this one was the modified bios when flashing through instant flash.

I'll be back.
 
Joined
Jun 2, 2018
Messages
24 (0.13/day)
Likes
13
#24
First thing: i'll be back with successfully flashed modded non "CL" bios. So this one works.
But: when i try to flash ME firmware to 11.6.10.xx, the flasher already asks: "do you really want to downgrade firmware?" and after that i got the message, that downgrading ME firmware is not supported: please contact your vendor.

But generally the modified bios worked. But System ist still on ME Firmware 11.8.50.34.
Anything else i could try?

maybe we could try with SuperCarrier bios v2.20 - cause that one contains the desired ME firmware within the original file provided by ASRock, while v2.40 has originally ME firmware 11.8.50.3460
i will be so gradefull if you could try it on originally ASRock Z270SC_2.20, which can be downloaded here: http://asrock.pc.cdn.bitgravity.com/BIOS/1151/Z270 SuperCarrier(2.20)ROM.zip
 
Last edited:
Joined
Aug 20, 2007
Messages
10,300 (2.49/day)
Likes
9,260
System Name Pioneer
Processor Intel i7 8700k @ 5.0 GHz All-Core + Uncore & AVX Offset @ 0
Motherboard ASRock Z370 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 Enterprise (From former workplace, yay no telemetry)
Benchmark Scores FSext/TS: FSext 10747:https://www.3dmark.com/fs/17332031 TS 8145:https://www.3dmark.com/spy/5311680
#25
I'm out now, but would like to give it another try with that image (it is likely rejecting my image due to it being based on generic 11.6). Will attempt when I get back. Be done likely by 3pm PST

EDIT: Got back way earlier than anticipated, man!

New revision 2 for you to try @Mork_vom_Ork, please download and attempt.

http://glacialsoftware.net/FIRMWARE/EXPERIMENTAL/

If it does not work, don't dispair as long as it flashes at least part of it you are likely ok! This image attempts to also unlock the flash descriptor, which means it may allow us some sneakier ways to flash a downgrade. Get in touch with me by PM if you do not see your ME version drop after this. I would be happy to set up a chat to personally assist you. No fee, just want to expand my library of supported boards and your help is pay enough. :)

I have a sneaking suspicion this dxe module is all that was blocking you though, removed now... ;)

MeFwDowngradeDxe.png
 
Last edited:
Top