Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ASUS Z170-A ME firmware update problem, Error 8719, no help from support

Broheim
Level 7

‎01-12-2018 06:11 AM - last edited on ‎03-06-2024 09:33 PM by Community Admin

I have a problem with updating vulnerable ME firmware on my Z170-A motherboard with BIOS 3504. First I updated ME Driver to the latest version 11.7.0.1040. MEUpdateTool (version - 2017/11/22) doesn't work - system is still vulnerable according to Intel-SA-00086 Detection Tool. Running "FWUpdLcl64.exe -f ME.bin" gives the same "Error 8719: Firmware update cannot be initiated because Local Firmware update is disabled". Tried solutions from forums, such as clean Windows 10 Pro x64 install, clearing CMOS, running FWUpdLcl64 from flash drive - do not work.

This problem came up in another thread, with a solution to downgrade BIOS to old versions where Local Firmware update was enabled, see https://rog.asus.com/forum/showthread.php?97312-New-BIOS-Version-out-today-(11-09-17)-MH-VIII-Hero&p...
 (its a post by Kaelek on the 11th page). Searching the net regarding Error 8719 gives additional weight to the conclusion that this is usually a BIOS bug https://www.win-raid.com/t596f39-Intel-Management-Engine-Drivers-Firmware-amp-System-Tools-121.html#....

However, versions that I can downgrade to have Local Firmware update disabled (remember, Z170-A doesn't have USB BIOS flashback). I can't downgrade to 0901 for example that seems to solve the problem for MH VIII Hero.

ASUS support was not helpful, since they suggested that this is a hardware error: "Obviously, ME firmware is damaged or cannot be updated due to hardware fault". Curious how guys with MH VIII Hero were able to solve it by downgrading BIOS. Support proposed that I send my motherboard to the service center of the shop where I purchased it, which is not local, so that way I will be without a working computer for at least a month. That I will not do, so it seems I just have to live with a vulnerable firmware.

Did anyone with Z170-A and BIOS 3504 or one of the other 3xxx versions managed to update their ME firmware? Make sure it really was upgraded by running Intel-SA-00086 Detection Tool, because ASUS MEUpdateTool will not notify you of the Error 8719, and will look like update was successful when it was not.

Anyone have any solution to this problem other that what support suggested?
Labels:
0 Kudos
895 Views
17 REPLIES 17

Broheim
Level 7

‎01-12-2018 06:59 AM

Similar error with MSI BIOS: https://forum-en.msi.com/index.php?topic=296123.0, https://www.msi.com/faq/notebook-2916 - "If you have "Error 8719:Firmware update cannot be initiated because Local Firmware update is disabled." after running the ME Update tool, there will be new BIOS release to solve the problem. New BIOS will be released right away once finished testing. Thank you for your understanding and patience.". So I do believe that this is a bug in recent versions of Z170-A BIOS and not a hardware fault or damaged firmware, as support suggests.
0 Kudos

Broheim
Level 7
In response to KSMerg

‎01-12-2018 09:05 AM

KSMerg wrote:
http://dlcdnet.asus.com/pub/ASUS/mb/LGA1151/Z170-A/Z170-A-ASUS-3703.zip


Thanks for the link, KSMerg. Do you know if it fixes the issue? Is it production-ready? If so, why is it not listed on the BIOS & Firmware downloads page https://www.asus.com/us/Motherboards/Z170-A/HelpDesk_BIOS/?
0 Kudos

KSMerg
Level 10

‎01-12-2018 09:25 AM

Version 3703
2018/01/128.09 MBytes
Z170-A BIOS 3703
Fixed SAMSUNG M.2 device issue.
Fixed SanDisk M.2 device issue.
Fixed AMD RADEON SSD device issue.
Improved DRAM compatibility.
Fixed SteelSeries keyboard issue.
Updated Intel CPU microcode.
0 Kudos

Broheim
Level 7
In response to KSMerg

‎01-12-2018 09:15 PM

So after 3703 appeared on ASUS Z170-A BIOS download page today, I updated to it - it still doesn't solve the problem with Error 8719. MEUpdateTool doesn't update ME firmware. Intel-SA-00086 Detection Tool reports that the system is vulnerable, same result with running FWUpdLcl64.exe -f ME.bin, Intel MEInfo 11.8.50.3425 also reports Local FWUpdate as Disabled.

Is ASUS going to fix this problem or not? Or am I stuck with a vulnerable firmware on my motherboard, when it is a fairly recent model?

Furthermore, they should fix their MEUpdateTool because it misleads users that their system was updated and, therefore, safe:
70493
When in fact, it wasn't updated and is still vulnerable:
70494
0 Kudos

Insert_Coin1
Level 7
In response to Broheim

‎01-13-2018 09:24 AM

Broheim wrote:
So after 3703 appeared on ASUS Z170-A BIOS download page today, I updated to it - it still doesn't solve the problem with Error 8719. MEUpdateTool doesn't update ME firmware. Intel-SA-00086 Detection Tool reports that the system is vulnerable, same result with running FWUpdLcl64.exe -f ME.bin, Intel MEInfo 11.8.50.3425 also reports Local FWUpdate as Disabled.

Is ASUS going to fix this problem or not? Or am I stuck with a vulnerable firmware on my motherboard, when it is a fairly recent model?

Furthermore, they should fix their MEUpdateTool because it misleads users that their system was updated and, therefore, safe:
70493
When in fact, it wasn't updated and is still vulnerable:
70494


Hi.

Does this means that this new bioses that are being released with the updated microcode doesn't come with the ME update?
0 Kudos

th3rookie
Level 7
In response to Insert_Coin1

‎01-13-2018 11:11 AM

Insert_Coin wrote:
Hi.

Does this means that this new bioses that are being released with the updated microcode doesn't come with the ME update?


Yes, indeed. Z170-A latest bios (3703) contains version 11.6.10.1196 of Intel ME.
0 Kudos

th3rookie
Level 7
In response to th3rookie

‎01-13-2018 11:24 AM

@Broheim DId you tried to see if Local FWUpdate was set to ENABLE/DISABLE using MEInfo Tool ?

To downgrade your bios, you can try with Winflash with the command prompt using Winflash /nodate.

I don't have the same board (Sabertooth Z170 Mk1), but I was able to flash the new ME using a 3xxx Asus bios (3401)
0 Kudos

Broheim
Level 7
In response to th3rookie

‎01-13-2018 12:16 PM

th3rookie wrote:
@Broheim DId you tried to see if Local FWUpdate was set to ENABLE/DISABLE using MEInfo Tool ?

To downgrade your bios, you can try with Winflash with the command prompt using Winflash /nodate.

I don't have the same board (Sabertooth Z170 Mk1), but I was able to flash the new ME using a 3xxx Asus bios (3401)


Thank you for you response, th3rookie. Yes, MEInfo reports Local FWUpdate as disabled.

I also came across Z170-A owner in win-raid.com forums who has it set to enabled in recent versions of BIOS, trying to figure out what can cause this difference, there are more detailed outputs from MEInfo and MEManuf there. Maybe in my case it was disabled during one of the earliest BIOS updates and not reset to enabled since? I updated BIOS a couple of times before 3504, I think I definitely updated to 1404, 1604 and 3401 before updating to 3503. Or there are some other differences between our Z170-A's.

KSMerg wrote:
https://forums.overclockers.ru/viewtopic.php?f=25&t=447045
It is possible to update the firmware first to 11.7.
https://forums.lenovo.com/t5/Lenovo-E-H-K-M-Q-Y-and-ErazerX/300-20ISH-Desktop-ideacentre-Error-8719-...

I tried reseting CMOS by jumper and by removing the battery, and loading defaults, doesn't help in my case.

Due to work I can't risk bricking my system right now in case something goes wrong with non-official downgrade procedure, so in the meantime I decided to buy a cheap SPI programmer and an empty BIOS chip, just in case I need it in the future.
0 Kudos