On May 26, a user on HP’s support forums reported that a forced, automatic BIOS update had bricked their HP ProBook 455 G7 into an unusable state. Subsequently, other users have joined the thread to sound off about experiencing the same issue.
This common knowledge regarding BIOS software would, then, seem to make automatic, forced BIOS updates a real issue, even if it weren’t breaking anything. Allowing the user to manually install and prepare their systems for a BIOS update is key to preventing issues like this.
At the time of writing, HP has made no official comment on the matter — and since this battery update was forced on laptops originally released in 2020, this issue has also bricked hardware outside of the warranty window, when previously users could simply send in the laptop for a free repair.
Overall, this isn’t a very good look for HP, particularly its BIOS update practices. The fragility of BIOS software should have tipped off the powers at be at HP about the lack of foresight in this release model, and now we’re seeing it in full force with forced, bugged BIOS updates that kill laptops.
The idea of forced automatic BIOS update is dumb. BIOS only should initialize its required components and fuck off afterwards.
seems like it should be an opt-in setting in BIOS;
- HP might want to learn from the other OEM vendors what to do for BIOS/UEFI configuration
There is no BIOS anymore. It’s all UEFI, which is massively fatter and more complex. Being fat and complex, they have plenty of security vulnerabilities that need to be patched.
How do these things not have unbrickable A/B firmware partitions by now? Even I have that on a $2 microcontroller. Self-test doesn’t pass after an update? Instant automatic rollback to the previous working partition.
It’s pretty ridiculous not to have a way of recovering from a failed update.
On my desktop, I just have to plug a flash drive with the BIOS image into a specific USB port and press a button on the motherboard. It doesn’t matter if the BIOS is broken and it doesn’t even require a CPU or RAM to be installed.
Gigabyte?
do they even use ‘dualbios’ anymore? all i’ve seen lately is ‘q flash’ (for updating bios without a cpu or video present) on their boards.
HP expanding their bad practices from printers to PCs now?
Microsoft should also be to blame here. Sending BIOS updates via automatic windows updates should not be a thing.
The alternative is that BIOS updates simply never get applied.
Not sure when the sentiment changed, but it used to be heavily recommended against updating the bios on any computer unless there was a specific feature or fix your computer needed.
Sentiment changed when the “BIOS” became a component for enforcing security architecture via “SecureBoot” and also Bitlocker sealed to PCRs only does so much if the BIOS code is vulnerable. Now they really badly want a “trusted” chain from some root of trust until the OS bootloader takes over. Problem is that the developers have historically enjoyed being in a trusted, single user context for decades and so the firmware has been full of holes when actually pushed.
On the offhand chance that someone with a bricked HP laptop stumbles here looking for what to do (prob via smartphone or public library computer),
- I’d recommend on removing the M.2 SSD (gumslice-shaped PCB that contains your data) to protect your data
- this can be found by googling your laptop’s serial number and looking for the manual, after downloading the PDF file you’ll be able to open it with Firefox
- you’ll typically need a philips-head screwdriver to remove the laptop’s case and remove the SSD
I’m assuming the users might be coming from Windows
hopefully this helps someone out there
I’d strongly recommend against that at this point since it will be useless without your Bitlocker key form the laptop’s TPM.
Since probably 99% of Windows PCs don’t run Bitlocker, I think your recommendation is a bit overblown.
Even if it isn’t “bitlocker” branded, most Windows PCs ship with “BitLocker” enabled. The distinction between Windows Home disk encryption and “BitLocker” is that BitLocker additionally allows external management of the key material, while Home only supports the TPM and your microsoft account for the key/recovery codes.
most Windows PCs ship with “BitLocker” enabled
No, they simply do not. Microsoft branded hardware, sure. But I’ve never seen a Dell or an HP with Bitlocker enabled from the factory, and at this point I’ve put my hands on thousands of them.
I can tell you every factory preload of windows on a Lenovo I have seen for the past few years has disk encryption on by default (windows home, so not “bitlocker”, but it’s the same thing with respect to being tied to TPM.
- I’d recommend on removing the M.2 SSD (gumslice-shaped PCB that contains your data) to protect your data
HP laptops are garbage. This is the hinge of my HP X360 laptop after 6 months of occasional use: https://i.imgur.com/LhZWBIt.jpg
If it’s not a touchscreen, it’s fairly easy to repair. Still shouldn’t have broke in the first place, but it’s just the back panel cover.
I’ve repaired hundreds of laptops across multiple vendors on all kinds of damage, fwiw.
Touchscreens are also easy to repair, they just have two more wires in the ribbon, that’s all.
Depends on the model. Some are more involved than others.
Yeah, agree. But it doesn’t have to be that way. Some companies are just lazy, sadly.
There’s been a few models I’ve tried repairing in the field, and it would have required a likely damaging of the end of the WiFi antenna wires (at the very least). Some will have this effectively thick copper tape that’s soldered onto the end of the WiFi wires, and the glue is very aggressive.
And again, some you can peel off without too much trouble, but some not as easily. Granted the vast majority of my repairs were onsite at the customers home/business.
The article doesn’t say/clarify. Was it some crap HP software that performs driver updates, and it decided to force a bios flash? Or was it windows update itself?
If it was windows itself, holy crap, that’s a serious over reach on Microsoft’s part. Like “this is insanity windows needs to be removed” bad.
Years ago Windows used to not provide drivers. This lead to many users never downloading drivers for their devices. Users ran their devices for years without trackpad, Wifi and GPU drivers etc. The drivers were also scattered all over the internet.
These days vendors can supply Windows with drivers and even Bios updates.
It is very unlikely Microsoft pushed these drivers out themselves. HP likely provided the Bios update…
This is a classical example of user error.
They made the easily preventable mistake of buying HP.
I remember warning labels on BIOS updates that basically said that if nothing is broken, don’t do the update because the risk of bricking the device did not outweigh any potential benefits. That vendors are now pushing mandatory BIOS updates through Windows Update is terrifying.
