Update HP BIOS using PowerShell and Internet Connection

I’m on an HP kick, they have some awesome Client Management tools, and I’m playing around. Quick follow up to my last post about downloading HP BIOS to be used in creating a package,  This Script does a few things:

  1. Checks to see if you have the HP Client Powershell module, if not, downloads v1.1.1 and installs it.
  2. Checks your current BIOS version
  3. Checks internet for most recently released BIOS version for your device
  4. If newer BIOS is available than what is installed:
    1. Downloads Updated BIOS
    2. Extracts BIOS
    3. Suspends Bitlocker
    4. Installs BIOS

It does not automatically reboot, you can modify script to do that, or have your deployment solution do it.

*NOTE, this does NOT work in WinPE... I heard HP is working on updating the Modules so it does work in WinPE, which would be great. No ETA.  Once this happens, I'll test this again and update anything that needs to be updated.  WinPE is my goal for updating BIOS.

Other considerations, this requires active internet connection, you might have to update script to work with a proxy.

Tested on: HP EliteBook 840 G3

In Action: (Upgrade Required)

In Action: Already Current BIOS







8 thoughts on “Update HP BIOS using PowerShell and Internet Connection”

  1. Thanks for this powerful script.! If some other guys have a user authenticated proxy like my company, you could add the following lines to support it:

    [system.net.webrequest]::defaultwebproxy = new-object system.net.webproxy('http://yourproxy.yourcompany.com:8080')
    [system.net.webrequest]::defaultwebproxy.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials
    [system.net.webrequest]::defaultwebproxy.BypassProxyOnLocal = $true

    This will use your current logged on user for proxy authentication. Actually I didn't use it in TS, as soon as I did i will update my comment. The solution would be something like https://docs.microsoft.com/en-us/dotnet/api/system.net.credentialcache?view=netframework-4.7.2

  2. Don't know if it's because of Office 365 being installed or the stricter security we have applied on Windows 10 1803 (Credential Guard etc) but your script throws the error 'Invoke-WebRequest : The underlying connection was closed: An unexpected error occurred on a send' when trying to download the softpaq.

    I added the below line to the top of your script to fix it

    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    Also... the BIOS version is being reported as 'Updated BIOS available, Version: 1.6.0', but it's 1.06.00. This is correctly reported later on in the script 'Temp\Extracted\HP EliteBook 850 G5\01.06.00'

    It's very alpha I guess so I won't complain about the missing error checks and the script reporting my BIOS is already current when nothing was download so there was no BIOS version to compare 🙂

    (Tested on a HP EliteBook 850 G5)

  3. Z420 ...
    if (Test-Path "$($ExtractedPath)\HPQFlash\HPQFlash.exe")
    Write-Output "Using HPQFlash.exe to Flash BIOS with Args -s -r -b -l"
    #Start-Process "$($ExtractedPath)\HPQFlash\HPQFlash.exe" -ArgumentList "-s -r -b -l$($HPContent)\HPBIOSUpdate.log" -wait

  4. Many thanks for this.

    HP have updated the PowerShell libraries a couple of times (most recent is 25 April - https://ftp.hp.com/pub/caps-softpaq/cmit/release/cmsl/hp-cmsl-1.2.1.exe) and the latest version has a "-flash" switch in the Get-HPBiosUpdates command which might simplify your script (although I can't actually get it to work - it downloads the file, copies it to the EFI partition but then fails to install with a message "The system could not find one of the BIOS update binary files")

    • Thanks Steve, I just started using the new tools yesterday, just haven't head time to play with it in WinPE. However I know Mike Terrill has been playing a lot with the new toolset in WinPE. I've started to use the new tools, but not the -flash. I've been focused on using the command to download the Bin file, then update the CM Package information.. post coming soon.

  5. Hello,

    You should change the test version with
    if ([version]$CurrentBIOS -le [version]$Bios.Version)

    in order to avoid downgrading Bios. It seems that HP does not update the webservice used by their commandlet as often as the website :/

    Thank you this great script !

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.