Intel® NUCs
Assistance in Intel® NUC products
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
12980 Discussions

BIOS Update 0375 Disables Intel Platform Trust Technology (TPM 2.0)

idata
Employee
‎11-23-2018 09:21 AM
1,983 Views

This post is just for information.

When manually installing the BIOS update listed below using the 'RY0375.bio' file on a USB stick, the update disables Intel Platform Trust Technology (TPM 2.0) in the BIOS settings.

This means if you have Bitlocker enabled (and set to require TPM & PIN), after the BIOS update is completed and the system has booted, Bitlocker will remain in the suspended state and not resume from suspension due to no TPM being visible.

You therefore need to re-enable the Intel Platform Trust Technology setting in the Intel BIOS settings. Then, once booted, Bitlocker should see the TPM again and allow Bitlocker to resume from suspension.

Old BIOS Version: 0371

 

New BIOS Version: https://downloadcenter.intel.com/download/28351/BIOS-Update-RYBDWi35-86A-?product=87570 0375

 

New BIOS Date: 2018-11-14

 

Intel NUC: NUC5i7RYH

 

Windows 10: 1809 (17763.134)

Steps to Reproduce:

 

1) Suspend Bitlocker

 

2) Reboot

 

3) F2 to enter BIOS

 

4) Disable Secure Boot

 

5) Save and exit BIOS

 

6) F7 to update BIOS to RY0375 from USB stick

 

7) F2 to enter BIOS

 

8) Re-enable Secure Boot

 

9) Save and exit BIOS

 

10) After booted, Bitlocker doesn't resume from suspension as no TPM visible

11) Reboot

 

12) F2 to enter BIOS

 

13) Enable 'Intel Platform Trust Technology' setting

 

14) Save and exit BIOS

 

15) After booted, Bitlocker will now resume from suspension as TPM is visible again

EDIT:

 

The update also reset a BIOS setting to allow S4 (Hibernation) to wake from USB, therefore I think this update resets all the BIOS settings back to their default settings.
0 Kudos

Link Copied

1 Reply
ggior1
Novice
‎11-25-2018 08:51 AM
789 Views

for me, it was a total wreck, even if i followed your scheme, very logical and well done (though i do not ahve bitlocker on disk. i had secure boot and TPM): all previous settings in BIOS ,gone. ok, no prob, i set them up again in 5 minutes(i knew them perfectly). saved, rebooted ,and, to my surprise windows 10 did not boot. "there is not any boot disk". perfect.. i re-downgraded to 0373 version(that worked always smooth as silk). but nothing...i had to recover GPT by using a pendrive with windows 10 console...i think i 'll wait for a fix of this BIOS version. i'll keep up with 0373 for a while

i suspect that the reset of previous settings with "legacy"(in the "boot" section of BIOS) in the place of "UEFI" has determined the disaster... or , perhaps, the addition of some new (not documented settings)

0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.