XPS Desktops

DJH301_ · ‎01-18-2023

A high number of users were able to successfully recover their BIOS based from the majority of testimony posted on this forum in December of ‘22.

========================================================================

Those who want to choose to review the policy stipulations for affected out of warranty customers can read the customer care wiki (link below). Extracted beneath are some listed stipulations

https://www.dell.com/community/Customer-Care-Wiki/Dell-Policy-BIOS-update-breaks-motherboard-CMOS/ta...

========================================================================

>>> out of warranty customers <<<

“An automated software suggestion by SupportAssist, Dell Update Application, or Windows Update, to install any BIOS update is NOT the same as Dell Support representative dictated direction to install any driver (BIOS update).” “This means If you update the BIOS without any direction from a Dell support representative and the BIOS update broke the motherboard CMOS, then YOU are responsible for buying a replacement motherboard. “

“Dell will only have motherboards for 4 years from the original system (Ready to Ship) date. If you are past this four year period YOU will need to purchase the motherboard from a third party seller”.

=======================================================================

Dell Support recommends users follow specific instructions to flash the BIOS to 1.1.28

=======================================================================

RoHe · ‎01-18-2023

So who wants to be first...?

Wonder if 1.1.28 fixes any CVEs that weren't fixed in 1.1.27. If anyone has the list (or a screenshot) for 1.1.27, please post it here.

If they're all the same CVEs, users who successfully installed 1.1.27, like me, may want to skip 1.1.28 completely...

Ron

Forum Member since 2004
I am not a Dell employee

DJH301_ · ‎01-18-2023

This platform isn't making sense anymore. First it installs a super cookie on my browser today keeping me signed in. After I removed it, I was locked out of signing in. Had to use different credentials to sign-in . . . under a slightly different name

DJH

Mike Schmieg · ‎01-18-2023

I tried to install 1.1.28 on my 8930 today, but I get "Error: Driver Version Fail!" I tried to install the 1.1.27 on my machine in December and it trashed the BIOS, so I'm a bit wary of this and will hold off trying it again until I hear something new.

--- Mike

RoHe · ‎01-18-2023

@Mike Schmieg Yes, tell us exactly how you tried to run the update, asap!

EDIT: Be sure to include your version of Windows too.

Ron

Forum Member since 2004
I am not a Dell employee

Mike Schmieg · ‎01-18-2023

No, I tried the Windows method. I used the USB installation for 1.1.27 on my Win 11 system (fully updated) which bricked my system, so that none of the recovery techniques worked. Dell charged me $250 for shipping and replacing the motherboard. I got the system back, went into the BIOS to make sure the settings were correct. 1.1.27 was still installed. Saved my settings and the system bricked again. Dell did not charge me for the second repair, but I need the system right now and I'm hesitant to take another chance, at least not until after my taxes are files.

--- Mike

Anonymous · ‎01-19-2023

@Mike Schmieg

I don't blame you for not wanting to. I'd be hesitant too if I had sent the PC back twice.

The security patches that 1.1.28 fixed which they listed on the Support site are CVE-2022-33894, CVE-2022-34398, and CVE-2022-40262.

The one highlighted above happens to be the only CVE listed on Dell's Security Advisories and Notices site where BIOS version 1.1.27 applied the security update for that particular CVE where the XPS 8930 was one of the affected systems. Scrolling down to the bottom of the linked page for DSA-2022-339 you'll see BIOS 1.1.27 that applied the security patch for the XPS 8930

https://www.dell.com/support/kbdoc/en-us/000206038/dsa-2022-339-dell-client-security-update-for-a-de...

I know for a fact three were listed in December. I just didn't make a note of the ones.

But here's the thing which I believe is the good news. Based on the fact that CVE-2022-34398 was listed again for BIOS 1.1.28.exe, it's basically a given that the other two CVE's listed that BIOS 1.1.28 fixed are also the same CVE's that BIOS 1.1.27.exe fixed. Those CVE's were not publicly disclosed when discovered and I believe the term for all three CVE's are reserved CVE's

So if I understood your last post, they sent back your system with 1.1.27. If that's the BIOS version you're on, I wouldn't be concerned about not having the latest security update. I'm basically certain 1.1.27 patched the same vulnerabilities and exposures that 1.1.28 patches.

I would be very weary though if you haven't disabled UEFI Firmware Capsule Update in your BIOS settings and disable it now before Windows Update tries to install Dell -Firmware - 0.1.1.28 on your system before you have the chance to start working on your taxes.

spotteddog · ‎01-19-2023

After the problems with 1.1.27, I am hesitant to try to install 1.1.28. I went back to 1.1.26 and, as recommended, I changed a few (security) things in the BIOS.

Do I have to go back and change anything in the BIOS before trying this update? I'll be using the USB update. Windows 11.

XPS 8930
SSD, 2 HDD, GTX 1070, Windows 11 64-bit, i7-8700K, 16GB DDR4 at 2666MHz

Anonymous · ‎01-19-2023

It wasn't clear which BIOS version you're currently on after you got your PC back the second time. You omitted whether or not they downgraded from 1.1.27 after you got it back the second time

If its any consolation, I'm still on BIOS 1.1.26. The security vulnerabilities really are not all that too concerning, at least not to me personally. But, to each his/her own. After I followed that debacle on this forum last month, that was enough reason to resist attempting to updgrade.

I'd rather have a functioning system that's still not fully patched with the latest up-to-date fixes than to take the other risk . . and after vowing to never go through sending the 8930 off to Dell.

Mike Schmieg · ‎01-19-2023

Actually, I'm not running 1.1.27. After Dell replaced the motherboard the first time, it booted fine. I then entered the BIOS setup to make sure the settings were correct. They were not, so I changed them. Upon saving them, the system bricked again. So, after they repaired it the second time, I did not enter the BIOS setup until after I restored 1.1.26. After that, I was able to enter the setup, make my changes, save them, and all was fine.

I have done the BIOS flashes from the F12 option since I purchased this unit in 2018. The most recent flash (back to 1.1.26) is the first one I have done through Windows and the 1.1.28 is only the second time that I have tried it through Windows, but that apparently does not work any longer. Thank you for the tip on disabling UEFI update. I will disable that immediately. I didn't even think of that.

Things have greatly changed since I used to build these things for a hobby. The last one that I built used a 48x86 processor and that was back in the 90's. I thought that thing was fast with a 100mhz processor overclocked to 133 and now this 8930 has a 4ghz processor. It was also easier in the old days where I could just replace a BIOS chip if it got trashed instead of sending it back to Dell and replacing an entire motherboard. I did have a problem with the first repair as the unit came back with loose screws rolling around in the case that had not been tightened when the system was repaired. The second repair did not have that problem.

--- Mike

XPS Desktops

XPS 8930, new BIOS version just released, 1.1.28