From a Ubuntu system running FDE on a Lenovo Thinkpad 440s, I did the following:
Downloaded this: http://support.lenovo.com/us/en/downloads/ds035967
More or less followed directions here: http://www.lenzg.net/archives/358-Updating-the-BIOS-on-my-ThinkPad-T440-without-Windows-or-a-DVD-Drive.html
If you do have windows and don't want to shut down, here's how to query your Lenovo Bios version number using powershell (should work on any version of powershell, definitely 2.0+):
(Get-WmiObject -class "Win32_bios" -namespace "root\CIMV2" -computername ".").SMBIOSBIOSVersion
Here's how to query if you're on ubuntu (and probably other linuxes):
$ sudo dmidecode -s bios-version
Unlike the tutorial linked above, my steps for creating the bootable USB are a little simpler, mostly because the tool, "geteltorito" is installed by default in Ubuntu.
How to update:
Step 1: Create the bootable USB:
**Note, this assumes your usb is /dev/sdb1
- Download the iso here: http://support.lenovo.com/us/en/downloads/ds035967
- Run the following 2 commands:
$ geteltorito -o bios.img gjuj13us.iso
$ sudo dd if=bios.img of=/dev/sdb1
Done, USB should now be bootable.
Updating the Bios with the bootable USB
Then I shutdown, crossed my fingers, and booted from the USB (f12 brings up the boot media selection menu while booting if you haven't disabled that in Bios).
If you don't care about details and just want to finish, select #2, next, Y, yes, yea, sure, do the thing, reboot without removing media, wait for flashing to happen, remove bootable usb, reboot, done.
Detailed version:
When the usb loads, I have three options:
1. Read this first. This actually is pretty darn confusing and didn't really make sense the instructions are in Engrish, or were written by a drunk person.
2. "update system program". This does what I'm here for.
<Y>, yes, I want to continue
Don't remove USB, press <Enter>
System reboots into USB again
Flashing takes about a minute or two, then reboots. I removed the flash drive while it was counting down and it rebooted happily into my disk encryption prompt, then into my OS.
Option 3 was to manually change your serial number. I didn't have a need for this as far as I'm aware. I kind of want to make it "SKYNET" though.
Next
I'm going to enable boot protection, TXTmode, and security auditing on Bios and other strings and then will post an update on updating the bios when all that complication is added to the process. My next bios update should be considerably more complicated.
Let me know if anyone had issues with this method. Your bios image may be different than mine if your computer is not the T440s.
When I attempt to extract the image from the iso I get:
ReplyDeleteCannot read image/device "gjuj13us.iso". Aborting
Any ideas, or care to share the extracted image :)