Jump to content
LaptopVideo2Go Forums

November 2020 - Windows update installs a borked Intel MEI driver 2035.x.x.x


StefanG3D

Recommended Posts

As a result my laptop starts cooking and operates in slow motion 💩

 

Workaround: change "DriverDate" of old driver to a future date in registry (but not "DriverDateData")

In this case i selected end of 2021. Hopefully there is a fix in 2022...

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0025]
"DriverDesc"="Intel(R) Management Engine Interface "
"ProviderName"="Intel"
"DriverDateData"=hex:00,c0,a3,7f,99,dc,d1,01
"DriverDate"="12-31-2021"
"DriverVersion"="11.6.0.1015"
"InfPath"="oem22.inf"
"InfSection"="TEE_DDI_W10_x64"
"MatchingDeviceId"="PCI\\VEN_8086&DEV_A13A"

 

Of course you can do the same with other drivers which you do not want to be updated.

Link to comment
Share on other sites

Faster than expected: WU offered MEI 2040.100.0.1029

Lets see how it works.

I guess they nuked too many systems to ignore the issue 🙄

 

Edit: an hour later laptop goes nuts again.

Back to driver from 2016...

Edited by StefanG3D
update
Link to comment
Share on other sites

Yeah. Better stick to the old drivers as the newest addresses security vulnerabilities: CVE-2020-8705, CVE-2020-8750, CVE-2020-8747, CVE-2020-8753, CVE-2020-8754, CVE-2020-8746, CVE-2020-8760, CVE-2020-8756, CVE-2020-8745, CVE-2020-8744, CVE -2020-8757, CVE-2020-8761, CVE-2020-8755, CVE-2020-8751, CVE-2020-8752,CVE-2020-8749, CVE-2020-12297, CVE-2020-12303, CVE-2020-12304, CVE-2020-12354, CVE-2020-12355, CVE-2020-12356

I tried new drivers just to try them and my system was way slower a day before your first post.

I think that the newest driver enables some protections layers that are present in ME FW. And the older drivers are just non aware of the different mitigations so those are not working and  thanks to that the system feels faster.

Or it also requiers updating me fw to work as it should but than it is hard to revert to previous me fw.

I am not an expert in me fw and drivers and those are just my toughts.

Edited by Krzyslaw
Link to comment
Share on other sites

I'm afraid there are very few experts outside Intel due to the nature of this software.
Here is a comprehensive article from the author of IDA: Secret of Intel Management Engine by Igor Skochinsky

Today i try the last (?) build from major version 14: DriverVer = 05/19/2020,2021.14.0.1615

EDIT:

Nope, stalls after 2 hours

Next candidate: DriverVer = 03/24/2020,2013.14.0.1529

EDIT 2:

Nope, trying DriverVer = 12/25/2019,1952.14.0.1470

 

 

mei1666.png

 

Link to comment
Share on other sites

Finally i got rid of the unwanted updates via Windows Update PowerShell Module

WU became yet crazier: besides 2 different MEI updates at the same time it suggested a chipset driver from 1970

hide-wu-intel-system.png

EDIT: on ms-settings:windowsupdate screen select pause updates and then resume updates to refresh.

Link to comment
Share on other sites

Ok.

My new finding.

I prepared latest ME fw update along with merged other binaries as per winraids guides and flashed on my 8th gen refresh laptop with i7 8565u and I must said that now it is a different story with latest drivers.

My cpu has newer been faster. For example i gained around 200points in FS cpu physics test and it is consitant gain over many tests one by one.

But i have used not me drivers only form winraid but full instaler that contains other me driver things.

As for latest drivers I left only management engine device working and dissabled all other devices like rdal or icls within device manager and services.

If you want I can prepare for you update for latest me fw acording to all  winraid guides and I can share driver package that I have used.

BUT AFTER ME FW FLASHING YOU CANNOT DOWNGRADE TO PREVIOUS ME FW WITHOUT GAING FULL READ WRITE ACCESS TO CPU OR BY USING PROGRAMER. more to read on that on winraid.

Also I recomend disabling driver instalation by win update by for example by using option within ddu or just using tool like Windows update blocker and full disable win updates. This tool has on and off switch so you can reanble win updates at and time if you want for example when you want update win or install something from ms store. 

ALL BEST 

KRZYSZTOF 

Link to comment
Share on other sites

I already have latest FW 11.8.81.3781 CON H installed.
I have also "11.8.81.3796 unsigned" handy, but i don't know if it is H or LP and to what extent the signature matters.

I checked installer package v2044, but the HECI drivers are the same as in v2040

 

Another thing that puzzles me, is the lower FITC version shown in HWiNFO

stefan089-20201206-230548.png

Link to comment
Share on other sites

Digging deeper in the guts of WU i found a NULL HECI System driver

I will test that for a while...

; ************************************************************
; **  Filename: NULL_HECISystem.inf                         **
; **  Abstract: Assigns the null driver to devices          **
; **            for yellow-bang removal and                 **
; **            brands Intel(R) devices                     ** 
; ************************************************************

[Version]
Signature=$WINDOWS NT$
Class=System
ClassGUID={4D36E97D-E325-11CE-BFC1-08002BE10318}
Provider=%INTEL%
CatalogFile=NULL_HECI.cat
DriverVer=01/10/2019, 0.0.0.1

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...