ASUS - ZenTalk

finance_ka02 · ‎06-02-2025

We are running B365M-A Prime with CPU i9-9900 in a server environment, current BIOS version 9105.

With reference to https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/proces... a microcode update version 0x104 is indicated for the relevant CPUID 906ED, to mitigate CVE-2024-45332/INTEL-SA-0124 and CVE-2024-28956/INTEL-SA-01153.

We are unable to update the microcode because the BIOS is signed.

Could Asus provide a BIOS update with the relevant microcode update?

Thank you.

Jiaszzz_ASUS · ‎06-13-2025

Hello @finance_ka02

I have updated our DM conversation, kindly review and confirm the information provided when convenient.

Thank you.

View solution in original post

Jiaszzz_ASUS · ‎06-09-2025

Hello @finance_ka02

Thank you for reaching out to us.
We have confirmed the SN you shared in DM and are currently awaiting further confirmation from the relevant department. As soon as there are any updates, we will inform you at the earliest opportunity.

Thank you.

NOSNHOP · ‎06-12-2025

@finance_ka02 The last BIOS for this motherboard was released on 2021/08/05, good luck getting anything newer.
This also means there are multiple security vulnerabilities beyond the two listed that your microcode isn't patched for. Linux would load the microcode updates if you are running it.

Take it as a lesson to not use consumer products in server use cases.

Jiaszzz_ASUS · ‎06-13-2025

Hello @finance_ka02

I have updated our DM conversation, kindly review and confirm the information provided when convenient.

Thank you.

ASUS - ZenTalk

CVE BIOS Request: B365M-A