10-14-2017 09:26 PM - last edited on 03-05-2024 06:22 PM by ROGBot
03-08-2018 11:06 AM
xrs01 wrote:
I have ASUS H170 PRO GAMING motherboard with Asus TPM-M R2.0 14-1 Pin TPM Module installed. When I try to upgrade the firmware, I get:
Infineon Technologies AG TPMFactoryUpd Version 01.01.2212.00
[2018-01-21 18:28:29.840]
Error: open "TVicPort"-Driver failed !!!
Error initializing LowLevelIO: 0xE0295200
Error detected:
Final code: 0xE0295200
Final message: No connection to the TPM or TPM not found.
Module: ..\Common\DeviceManagement.c; Function: DeviceManagement_Connect; Line: 340
Code: 0xE0295200
Message: TPMConnect failed: 0xE0295200
I have copied all files from "...\Tools\WinPE\Bin\x64\" to the "...\Firmware\" directory. And used "TPMFactoryUpd.exe -update config-file -config TPM20_latest.cfg" command in CMD (executed as administrator).
Anyone else is having this problem?
05-24-2018 05:42 AM
xrs01 wrote:
I have ASUS H170 PRO GAMING motherboard with Asus TPM-M R2.0 14-1 Pin TPM Module installed. When I try to upgrade the firmware, I get:
Infineon Technologies AG TPMFactoryUpd Version 01.01.2212.00
[2018-01-21 18:28:29.840]
Error: open "TVicPort"-Driver failed !!!
Error initializing LowLevelIO: 0xE0295200
Error detected:
Final code: 0xE0295200
Final message: No connection to the TPM or TPM not found.
Module: ..\Common\DeviceManagement.c; Function: DeviceManagement_Connect; Line: 340
Code: 0xE0295200
Message: TPMConnect failed: 0xE0295200
I have copied all files from "...\Tools\WinPE\Bin\x64\" to the "...\Firmware\" directory. And used "TPMFactoryUpd.exe -update config-file -config TPM20_latest.cfg" command in CMD (executed as administrator).
Anyone else is having this problem?
06-01-2018 08:26 AM
06-01-2018 04:02 PM
PhoenixFlame9 wrote:
I made a profile here a few days ago but couldn't post. Here is how you can update the TPM firmware, using Asus's files.
The Asus firmware files do update the TPM to 5.63. Be aware that there are two different firmware files. One to update from 5.61 to 5.63, and another to update from 5.51 to 5.63. Be sure you grab the correct file from Asus's website or you won't be able to update the firmware. I updated from 5.51 to 5.63.
Be sure to disable Bitlocker in windows, and allow for the drives to decrypt before flashing the TPM firmware. In order to do this, you will be booting from a USB stick, which is why you have to turn off certain features in the BIOS. Just follow the instructions provided by Asus. I put the EFI and Tools folder in the root directory of my thumb drive, and I made sure my thumb drive was formatted FAT32. I put the EFI folder in the root directory, not the TPM.... folder because this is what I am used to in getting something to boot from a stick, but you may be able to put the TPM... folder in the root directory as well. It took a few boots, but then I booted into the provided EFI Shell. Once it boots into the shell, you only have a few seconds to press any key so that it stays in the shell.
Now this is where the Asus instructions are severely lacking.
The instructions tell you to go to fs0 and work from there, but the USB stick may not be assigned to fs0, I think mine was assigned to fs4 or fs5. So here is what you do. Key in fs0: then hit enter. Then Key in DIR and hit enter. This will list the folders and files in fs0. If this looks like your thumb drive, great, otherwise Key in fs1: and hit enter. Repeat the DIR, etc. and continue until you find which fs number is your thumb drive.
Now that you are on your thumb drive you need to navigate to the x64 directory. To do that you look at the folders in your directory. So for me I had to do cd Tools then hit enter. This puts you in the Tools folder. Then continue with cd UEFI etc. I like to do this one folder at a time, but you can do more if you are comfortable with it. Once you are in the x64 folder, you will need to type the long command TPMFactoryUpd -update tpm20-emptyplatformauth -firmware
TPM20_5.61.2785.0_to_TPM20_5.63.3144.0.BIN and press enter. (The instructions are missing a T, but I added it here. Be aware that if you are updating from TPM5.51 then instead of copying that command directly, do a DIR and you will see a file called TPM20_5.51... You will need to type this in place of the listed BIN file in that command. After hitting enter you will see a message showing you the status, and hopefully it will say successfully updated. I did get some kind of error message after the firmware update messages, but when I got back into the BIOS I could see that the firmware has successfully updated to 5.63, so I don't know what that was all about.
Proceed at your own risk.
03-11-2022 04:03 PM
PhoenixFlame9 wrote:
I made a profile here a few days ago but couldn't post. Here is how you can update the TPM firmware, using Asus's files.
The Asus firmware files do update the TPM to 5.63. Be aware that there are two different firmware files. One to update from 5.61 to 5.63, and another to update from 5.51 to 5.63. Be sure you grab the correct file from Asus's website or you won't be able to update the firmware. I updated from 5.51 to 5.63.
Be sure to disable Bitlocker in windows, and allow for the drives to decrypt before flashing the TPM firmware. In order to do this, you will be booting from a USB stick, which is why you have to turn off certain features in the BIOS. Just follow the instructions provided by Asus. I put the EFI and Tools folder in the root directory of my thumb drive, and I made sure my thumb drive was formatted FAT32. I put the EFI folder in the root directory, not the TPM.... folder because this is what I am used to in getting something to boot from a stick, but you may be able to put the TPM... folder in the root directory as well. It took a few boots, but then I booted into the provided EFI Shell. Once it boots into the shell, you only have a few seconds to press any key so that it stays in the shell.
Now this is where the Asus instructions are severely lacking.
The instructions tell you to go to fs0 and work from there, but the USB stick may not be assigned to fs0, I think mine was assigned to fs4 or fs5. So here is what you do. Key in fs0: then hit enter. Then Key in DIR and hit enter. This will list the folders and files in fs0. If this looks like your thumb drive, great, otherwise Key in fs1: and hit enter. Repeat the DIR, etc. and continue until you find which fs number is your thumb drive.
Now that you are on your thumb drive you need to navigate to the x64 directory. To do that you look at the folders in your directory. So for me I had to do cd Tools then hit enter. This puts you in the Tools folder. Then continue with cd UEFI etc. I like to do this one folder at a time, but you can do more if you are comfortable with it. Once you are in the x64 folder, you will need to type the long command TPMFactoryUpd -update tpm20-emptyplatformauth -firmware
TPM20_5.61.2785.0_to_TPM20_5.63.3144.0.BIN and press enter. (The instructions are missing a T, but I added it here. Be aware that if you are updating from TPM5.51 then instead of copying that command directly, do a DIR and you will see a file called TPM20_5.51... You will need to type this in place of the listed BIN file in that command. After hitting enter you will see a message showing you the status, and hopefully it will say successfully updated. I did get some kind of error message after the firmware update messages, but when I got back into the BIOS I could see that the firmware has successfully updated to 5.63, so I don't know what that was all about.
Proceed at your own risk.
08-16-2022 01:27 AM
Charlie Woken wrote:
Problem of updating TPM solved -- Booting sequence.
Post # 102 provides good directions regarding the sequence to follow to load the update.
TPM Version 5.63.3353.0
Today I updated to version 5.63.3353.0. I used the link from post #117 and got the files from PremaMod.
01-25-2018 09:00 PM
rasmorthil wrote:
In case it is helpful to someone, I found a way to update my Asus TPM-M R2.0 14-1 Pin TPM Module to the latest 5.62.3126.0 firmware (previously the TPM had the 5.61.2785.0 firmware with the vulnerability).
Supermicro (a great server company) sells Infineon-based TPMs - e.g., see http://supermicro.com/products/accessories/addon/AOM-TPM-9665V.cfm. Unlike Asus (:mad:) Supermicro has issued the latest firmware security updates for their Infineon TPM modules. Their update packages appear to be general Infineon updates, so I figured it'd be worth a try to update my Asus module using one.
Note that you should only attempt this sort of update if you know what you are doing!! If you aren't adept at the command line or if this is all new to you, then DO NOT ATTEMPT THIS. YOU CAN LOSE DATA IF YOU ARE USING BITLOCKER, etc.!!!
I'll explain what I did and if you want to try with your system/TPM module you will need to adapt as appropriate for your system.
1. You can find TPM update packages by browsing to ftp://ftp.supermicro.com/driver/TPM/. In my case I looked at the various firmwares included, and the "9665FW update package_1.1.zip" bundle contained firmware that matched my Asus TPM. So be sure to pick the right update bundle for your TPM (?).
2. I completely turned OFF and disable Bitlocker and Windows Hello. You must decrypt your drive so that the TPM is NOT in use!
3. I ran "tpm.msc" and executed the "Clear TPM..." option in Action. This rebooted the machine and the Asus BIOS had me press F12 to clear the TPM.
4. After rebooting again, I then booted into the BIOS and turned the TPM completely OFF in the BIOS settings. You must completely disable Windows' use of the TPM in order to update the firmware.
5. I booted back into Windows, and extracted the firmware update package bundle. For ease of operation I then copied the Windows update executable from the "...\Tools\WinPE\Bin\x64\" directory into the "...\Firmware\" directory.
6. I then ran an Administrator command prompt, and changed to the "...\Firmware\" directory. Then I ran "TPMFactoryUpd.exe -update config-file -config TPM20_latest.cfg". The updater detected my TPM, and flash updated to the latest firmware in the bundle. Again, if you try this your command line may need to be different (use "TPMFactoryUpd.exe -?" for command line help with the tool).
7. Then I rebooted back to the BIOS, turned the TPM back on, and re-enabled everything, and "tpm.msc" shows that my Asus TPM has been updated and no longer has the vulnerability.
Note that the update bundle also includes a UEFI updater that you can run from the BIOS, but I didn't bother doing that because I didn't have time to figure it out.
Anyway I hope this is helpful to others!
01-26-2018 06:05 PM
mrbillishere wrote:
I just ran the update on my 14-pin ASUS TPM-M R2.0 module and it worked perfectly the first time using your instructions.
This is excellent. rasmorthil you deserve a medal.
01-28-2018 01:21 PM
rasmorthil wrote:
In case it is helpful to someone, I found a way to update my Asus TPM-M R2.0 14-1 Pin TPM Module to the latest 5.62.3126.0 firmware (previously the TPM had the 5.61.2785.0 firmware with the vulnerability).
Supermicro (a great server company) sells Infineon-based TPMs - e.g., see http://supermicro.com/products/accessories/addon/AOM-TPM-9665V.cfm. Unlike Asus (:mad:) Supermicro has issued the latest firmware security updates for their Infineon TPM modules. Their update packages appear to be general Infineon updates, so I figured it'd be worth a try to update my Asus module using one.
Note that you should only attempt this sort of update if you know what you are doing!! If you aren't adept at the command line or if this is all new to you, then DO NOT ATTEMPT THIS. YOU CAN LOSE DATA IF YOU ARE USING BITLOCKER, etc.!!!
I'll explain what I did and if you want to try with your system/TPM module you will need to adapt as appropriate for your system.
1. You can find TPM update packages by browsing to ftp://ftp.supermicro.com/driver/TPM/. In my case I looked at the various firmwares included, and the "9665FW update package_1.1.zip" bundle contained firmware that matched my Asus TPM. So be sure to pick the right update bundle for your TPM (?).
2. I completely turned OFF and disable Bitlocker and Windows Hello. You must decrypt your drive so that the TPM is NOT in use!
3. I ran "tpm.msc" and executed the "Clear TPM..." option in Action. This rebooted the machine and the Asus BIOS had me press F12 to clear the TPM.
4. After rebooting again, I then booted into the BIOS and turned the TPM completely OFF in the BIOS settings. You must completely disable Windows' use of the TPM in order to update the firmware.
5. I booted back into Windows, and extracted the firmware update package bundle. For ease of operation I then copied the Windows update executable from the "...\Tools\WinPE\Bin\x64\" directory into the "...\Firmware\" directory.
6. I then ran an Administrator command prompt, and changed to the "...\Firmware\" directory. Then I ran "TPMFactoryUpd.exe -update config-file -config TPM20_latest.cfg". The updater detected my TPM, and flash updated to the latest firmware in the bundle. Again, if you try this your command line may need to be different (use "TPMFactoryUpd.exe -?" for command line help with the tool).
7. Then I rebooted back to the BIOS, turned the TPM back on, and re-enabled everything, and "tpm.msc" shows that my Asus TPM has been updated and no longer has the vulnerability.
Note that the update bundle also includes a UEFI updater that you can run from the BIOS, but I didn't bother doing that because I didn't have time to figure it out.
Anyway I hope this is helpful to others!
02-02-2018 12:42 PM