On most of MSI laptops, there is a key combination to unlock BIOS options to enable Me FW Image Re-Flash, so it was pretty handy and I was not forced to set the variable manually inside the NVRAM.
Key combination is:
ALT-Left + CTRL-Right + SHIFT-Right + F2
All I had to do was basically:
1) Downloading the lastest BIOS/Intel Flash Image from the vendor,
2) Replacing inside the Intel Flash Image, the ME Region by the dumped one with FPT (FPTW64.exe -ME -D ME.bin)
3) me_cleaner to disable ME.
4) Extracting again the ME Region from the patched Intel Flash Image by me_cleaner (new_ME.bin),
5) Flashing it back with FPT (FPTW64.exe -ME -F new_ME.bin)
Everything went smoothly.
ME ran originally with 11.8.50.3425 version which was still vulnerable apparently, so wiping it partially from my laptop makes me feel safer.
I have just one remark to do, I guess this is normal behavior, but with intelmetool -m I get this:
Bad news, you have a `CM236 Chipset LPC/eSPI Controller` so you have ME hardware on board and you can't control or disable it, continuing...
Can't find ME PCI device
And I've noticed inside my BIOS that the ME State is saying that it is "temporarily disabled",
is that normal? (I believe it is, but I'm just confirming that it works)
Thank you, to all the community that participated into disabling it.
Hello there,
well this is not really an issue but I'm just happy to hopefully confirm that disabling Intel ME with me_cleaner on my MSI GT72S 6QE Dominator Pro G is working without any issues, using internal flashing following this guide: https://github.com/mostav02/me_cleaner_wiki/blob/master/Internal-flashing-with-FPT.md
On most of MSI laptops, there is a key combination to unlock BIOS options to enable Me FW Image Re-Flash, so it was pretty handy and I was not forced to set the variable manually inside the NVRAM.
Key combination is: ALT-Left + CTRL-Right + SHIFT-Right + F2
All I had to do was basically: 1) Downloading the lastest BIOS/Intel Flash Image from the vendor, 2) Replacing inside the Intel Flash Image, the ME Region by the dumped one with FPT (FPTW64.exe -ME -D ME.bin) 3) me_cleaner to disable ME. 4) Extracting again the ME Region from the patched Intel Flash Image by me_cleaner (new_ME.bin), 5) Flashing it back with FPT (FPTW64.exe -ME -F new_ME.bin)
Everything went smoothly.
ME ran originally with 11.8.50.3425 version which was still vulnerable apparently, so wiping it partially from my laptop makes me feel safer. I have just one remark to do, I guess this is normal behavior, but with intelmetool -m I get this:
And I've noticed inside my BIOS that the ME State is saying that it is "temporarily disabled", is that normal? (I believe it is, but I'm just confirming that it works)
Thank you, to all the community that participated into disabling it.