Hi, I have a Lenovo ThinkPad T440 with Locked BIOS, when I tried to flash the Moded BIOS prepared for me by the expert ‘Serg008’ I discovered that the Protected Range Register are set in my BIOS and it’s preventing it from being flashed. In recent post of ‘quid’ I discovered that there is a security researcher called ‘Cr4sh’ that has exploited a vulnerability in Lenovo BIOS and he could disable the PRx (Protected Range Register) He tested his work on Lenovo T450s, I wanted to ask here if I could apply his work on my T440 without a risk I’m talking about the part when he entered the command : Fwexpl_app_amd64.exe –target-smi 3 –pr-disable (here is his Blog: blog.cr4.sh) And then he executed the Python script ‘CHIPSEC’ and the PRx are Zeroed. Any advice please, can I go ahead with this command, or do I need to adapt his application to my T440? Thanks in advance. (Sorry I’m not allowed yet to post Links and Images)
i believe it should work due to intel chipset specs he speaks of usually work on most intel chips he speaks of in docs.
Thanks For your response I've tested it, but it didn't work, It gave me an error as you can see on the image attached I also tried the Python script CHIPSEC, but it didn't recognized my bios correctly (please see attached) I think my BIOS is certainly vulnerable, But I just need to find a way to crack it any Help Please.
thats from linux ? looks like you need to adjust the code somewhere.. i got ideas but no time to play nor expertize in this. basicaly the registers that get set on boot lock or unlock 1 time till reboot. on my T410 (non efi) shows some lock firmware requiring signature... i dont have it enabled.. 1 time set never able to revert.. unless?
No, it's just from Windows 8.1, I deactivated the secure boot and the OS optimization. Ok, Thank you, I'll get a look on the source code of his application and see where I can made a modification.
Hi LatinMcG, It turns out that my bios is not affected by this vulnerability as described on Cr4sh Blog, because I applied the Update of last April :-( Is it really risky (as lenovo support flag it) to downgrade the BIOS image? is there any safe way to downgrade it? if yes where can I find some older and original Bios images for My Thinkpad T440? Thanks in advance.