=========================================================================================================
N8115-35 Trusted Platform Module Kit
Trusted Platform Module(TPM) FirmwareF 73.20
(for Windows)
=========================================================================================================
NEC Corporation.
Aug. 2020

[Contents]
1.  About the software
2.  Notes
3.  Firmware version for update
4.  Installation procedures
5.  Revision history
6.  Legal notices (trademarks and copyrights)
---------------------------------------------------------------------------------------------------------

1.  About the software

   This software is an update module for Trusted Platform Module(TPM) firmware that supports the following.

   < Trusted Platform Module(TPM) Firmware >
   - Mitigated security vulnerability CVE-2019-16863(TPM-FAIL).


   ** Program and data included in this software **
   Following program is included in this software.

   - Executables for Windows(R) : cp043599.exe


2.  Notes
  - To prevent a system failure, please read this document carefully and follow the procedure for
    successful update.  Should your system malfunctions or is powered off due to an unplanned event
    during update (for example, power blackout or cutoff, lightening, and noise), the system may be
    damaged and fails to operate normally. In this case, any remedial measures shall be taken at
    your expense.

  - Updating the TPM firmware changes TPM PCR values that OS/applications using TPM, 
    and disrupt access to encrypted disks/information. 
    Therefore decrypt the OS/application function(Microsoft BitLocker etc.) that using the 
    TPM before updating the TPM firmware, and encrypt it again after updating.

  - Before updating the TPM firmware, confirm that SystemROM version supports the TPM firmware updating function.
    System ROM (v1.46 or later) supports updating function.

  - This firmware should be applied when the N8115-35 TPM kit is set to either TPM 1.2 or 2.0 operating mode.
    If the operating mode is set to TPM 1.2, you need to switch to TPM 2.0 before updating the TPM firmware.
    For the setting method, refer to the maintenance guide of the server you are using.

  - TPM firmware can only be upgraded.
    It is not possible to flash with the same version or downgrade to an earlier version.

  - This software does not support a virtualized environment such as hyper visor, guest OS, etc. 
    Please install either on the host OS which this software supports.

  - This software will access to iLO5 (Baseboard Management Controller). It is required that the
    "iLO 5 Channel Interface Driver" (CHIF) must be installed. The CHIF driver can be installed by
    using EXPRESSBUILDER or "Starter pack(Standard Program Package)".


3.  Firmware version for update 

  Users who use the following Trusted Platform Module(TPM) firmware versions need update:

@ - Target Option : N8115-35 Trusted Platform Module Kit

   - Trusted Platform Module(TPM) Firmware versions to update : 73.0

   - Server Models supported: 
@   1. Express5800/R120h-1M
     2. Express5800/R120h-1M(2nd-Gen)
     3. Express5800/R120h-1M(3nd-Gen)
     4. Express5800/R120h-2M
     5. Express5800/R120h-2M(2nd-Gen)
     6. Express5800/R120h-2M(3nd-Gen)
     7. Express5800/R120h-1E
     8. Express5800/R120h-2E
     9. Express5800/T120h


     NOTE:
     If your TPM firmware version is later than the above, you do not require the update
     (the latest revisions already include the functions to be added by the software).


  - How to confirm your Trusted Platform Module(TPM) Firmware version:

     Please make sure to confirm proper the Trusted Platform Module(TPM) version 
     by any of the following means.(*1)

     * How to confirm by the server which will be updated *

     - By System Utilities, to confirm your firmware version:

     (1)  Power on the system.
     (2)  When the following message appears, press the F9 key to start the System Utilities.

                      [F9] System Utilities

     (3)  Select the [System Information], then select the [Firmware Information]. 
     (4)  The firmware versions of your system will be displayed. 
          Please confirm the version from "Trusted Platform Module(TPM)".
     (5)  After confirmation of the firmware versions, press the ESC key or select [Exit] and exit
          the System Utilities. 

          Note: 
          About detail of "System Utilities" usage, refer to "1. System Utilities" section in the
          chapter of "Useful Features" of the maintenance guide.

     * How to confirm by the remote access *

     - By iLO web interface, to confirm your firmware version:

     (1)  Login iLO web interface.
     (2)  Select the [Firmware & OS Software] of left side menu.
     (3)  The firmware version of your system will be displayed.
          Please confirm the version from "TPM Firmware".


4.  Installation procedures

  4-1. Preparation for the software

   (1) Log on to the system as a user with administrator privilege.

   (2) Terminate all running application.

   (3) Download the install module, extract it to a desired directory.

   (4) Required: Please confirm that the System ROM version is v1.26 or later.


  4-2. TPM Firmware installation procedure

   (1) Double-click "Executables for Windows(R) file" (i.e. *.exe). 
       The TPM Firmware Update Program will start.
       The file location of windows(R) installer as follows:

         \Windows

   (2) Follow the displayed message to install the TPM firmware update.

   (3) If the messages requesting reboot will be shown, select "yes" to reboot of the system.
       - If reboot does not start, please reboot manually.
       - At this time, the TPM Firmware update is not completed.
         Rebooting will complete the TPM Firmware, so be sure to restart the system.

   (4) The contents of process by POST (Power On Self-Test) will be shown on the screen.
       At the End of POST, the Trusted Platform Module(TPM) Firmware update process is executed.
       It will take about 5 minutes for the update process, so please wait for a while until
       the update process is completed.
       When the update is completed, the system will be automatically restarted.

   (5) Confirm that the Trusted Platform Module(TPM) Firmware version has been updated to the version listed
       below by any of the means described at (*1).

             Trusted Platform Module(TPM) Firmware      :  73.20

       Now the Trusted Platform Module(TPM) Firmware installation is successfully finished.


5.  Revision history

2020/08/21  TPM Firmware Version : 73.20
   - Mitigated the following security vulnerability.
       CVE-2019-16863 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16863)
     This security vulnerabilities are not unique to NEC servers.


2017/08/23  TPM Firmware Version : 73.0
   - Initial Release.


6. Legal notices (trademarks and copyrights)

   All contents on this software are the copyright of NEC Corporation or the third-party software
   developer.

   Microsoft, Windows, Windows Server are registered trademarks of Microsoft Corporation in the United
   States and other countries.

   GRID is trademarks and/or registered trademarks of NVIDIA Corporation in the U.S. and/or other
   countries.

   All other product, brand, or trade names used in this publication are the trademarks or registered
   trademarks of their respective trademark owners.

   All contents on this software are the copyright of NEC Corporation or the third-party software
   developer. All other contents mentioned herein are copyright of their respective owners.

   Microsoft, Windows, Windows Server are trademarks or registered trademarks of Microsoft Corporation
   in the United States and other countries.

   Linux(R) is a registered trademark of Linus Torvalds in the United States and other countries.

   Red Hat is a trademark or a registered trademark of Red Hat Inc. in the United States and other
   countries.

   All other company names and product names mentioned herein are registered trademarks or trademarks
   of their respective owners.


