Lenovo BIOS Updates Blocked by Microsoft Security Changes on Windows 10 and 11

Lenovo users have recently been facing difficulties updating their BIOS, especially after the latest Microsoft security updates on Windows 10 and 11. The issue stems from changes made to the Vulnerable Driver Blocklist (DriverSiPolicy.p7b), which now blocks the execution of certain applications, such as WinFlash64.exe, a crucial component for Lenovo’s BIOS update process. This has led to various errors, including failed installations and “Flash Error” messages, affecting the reliability of BIOS updates for devices like ThinkPads. This article explores the issue, the affected systems, and the steps Lenovo is taking to resolve the situation.

Lenovo BIOS Updates and the Microsoft Security Block: What’s Going Wrong?

Lenovo has acknowledged a problem where BIOS updates fail to install on Windows 10 and Windows 11 systems after security changes made by Microsoft. These changes block WinFlash64.exe, an essential part of Lenovo’s BIOS update utility, from running.

This issue first came to light when users began reporting that BIOS updates either failed to complete or resulted in error messages, such as “Flash Error” or security-related warnings. These problems have primarily affected ThinkPad models that rely on Lenovo’s BIOS Update Utility, which can be accessed through Lenovo Vantage or Windows Update.

The root cause of this failure is

Impact on Lenovo Users:

For those attempting BIOS updates, there are two primary error messages they may encounter:
1. Windows Security Errors: Messages like “Action blocked: Your administrator caused Windows Security to block this action” appear because of the security change.
2. Driver Compatibility Warnings: These warnings indicate that Windows is blocking WinFlash64.exe due to security concerns, often stating, “A driver cannot load on this device. A security setting is detecting this as a vulnerable driver and blocking it.”

In addition to these errors, users might encounter alerts like “Some updates were not installed correctly” or “Flash Error,” which signal that the BIOS update has not been successfully completed.

Microsoft’s Role:

Microsoft’s security changes, including updates like KB5050081 for Windows 10 and KB5050092 for Windows 11, have been identified as the culprits blocking the BIOS update process. The updates introduced modifications to the Vulnerable Driver Blocklist file, which is responsible for identifying and blocking potentially unsafe drivers. While this change enhances overall system security, it inadvertently blocked drivers associated with Lenovo’s BIOS update utility.

Lenovo’s Response:

Lenovo has confirmed that it is aware of the issue and is actively working to resolve it. The company recommends that users avoid attempting to update their BIOS through the traditional methods until a fix is in place. Instead, users should look for BIOS versions 1.61 (UEFI BIOS) and 1.44 (ECP), which are designed to address this issue and allow BIOS updates to proceed without errors.
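
A read-only PowerShell triage for the situation described above, added here as an example (it is not Lenovo's or Microsoft's tooling). The registry value `VulnerableDriverBlocklistEnable`, the Code Integrity operational log and the 2000-event search window are assumptions that do not come from the article.

```powershell
# Read-only triage for the blocked BIOS update described in this article.
# Run from an elevated PowerShell prompt; nothing here changes system state.

# 1. The two updates the article names. Later cumulative updates normally carry
#    the same changes, so an empty result does not prove the blocklist is old.
$kbs = Get-HotFix -Id 'KB5050081', 'KB5050092' -ErrorAction SilentlyContinue

# 2. The blocklist file the article names (DriverSiPolicy.p7b) and the
#    enforcement switch (assumption: standard Code Integrity config key).
$policyPath = Join-Path $env:windir 'System32\CodeIntegrity\driversipolicy.p7b'
$policy     = Get-Item -LiteralPath $policyPath -ErrorAction SilentlyContinue
$ciConfig   = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config' `
                               -ErrorAction SilentlyContinue

# 3. Firmware currently installed, to compare against the fixed releases
#    Lenovo lists for the specific model.
$bios = Get-CimInstance -ClassName Win32_BIOS

# 4. Recent Code Integrity events that mention the flasher. The event ID is
#    deliberately not filtered; any record naming WinFlash64 is of interest.
$hits = Get-WinEvent -LogName 'Microsoft-Windows-CodeIntegrity/Operational' `
                     -MaxEvents 2000 -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'WinFlash64' }

# Summary object: one line per question an admin would ask first.
[pscustomobject]@{
    NamedKBsInstalled     = if ($kbs) { ($kbs.HotFixID | Sort-Object) -join ', ' } else { 'none found' }
    BlocklistFilePresent  = [bool]$policy
    BlocklistFileModified = if ($policy) { $policy.LastWriteTime } else { $null }
    BlocklistEnableValue  = $ciConfig.VulnerableDriverBlocklistEnable   # $null if value absent
    Manufacturer          = $bios.Manufacturer
    BiosVersion           = $bios.SMBIOSBIOSVersion
    BiosReleaseDate       = $bios.ReleaseDate
    WinFlash64BlockEvents = @($hits).Count
} | Format-List

# Detail for each matching event, newest first.
$hits | Sort-Object TimeCreated -Descending |
    Select-Object TimeCreated, Id, Message |
    Format-List
```

A non-zero `WinFlash64BlockEvents` count alongside a failed "Flash Error" run points at the blocklist rather than a corrupt download or a power-state problem.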

What Undercode Says:

The problem of BIOS updates failing due to Microsoft’s security changes highlights a fundamental challenge in maintaining compatibility between software updates and essential system utilities. While Microsoft’s intent behind the Vulnerable Driver Blocklist was to enhance security by preventing outdated or potentially dangerous drivers from loading, this change has led to unintended consequences for Lenovo users.

For Lenovo, this security update has exposed weaknesses in the way BIOS updates were designed to interact with Windows’ security controls. Lenovo’s BIOS Update Utility, which was once a reliable way to update ThinkPad systems, has now been rendered unreliable due to the changes in Windows security settings.

This highlights an important lesson for both hardware manufacturers and software developers: security measures, especially those related to drivers and system utilities, must be coordinated between both parties to prevent disruptions. In this case, Lenovo was caught off guard by Microsoft’s changes, and now, users are left to deal with the fallout.

For users, this situation may seem frustrating, but the fix is already underway. The updated BIOS versions from Lenovo promise to resolve these issues, allowing BIOS updates to proceed without interference from Microsoft’s security features. However, it’s important to note that older BIOS versions will still be blocked by the updated Vulnerable Driver Blocklist, so users must ensure they download the latest BIOS releases.

Moreover, the broader lesson here is the need for a more robust testing environment where major updates from companies like Microsoft can be tested against critical utilities from hardware manufacturers. This will help prevent similar issues in the future, reducing the frustration for end users and ensuring smoother updates for everyone.

While the issue is being resolved, Lenovo and Microsoft must work collaboratively to avoid future incompatibilities. In the meantime, users should be vigilant about checking for the latest BIOS updates and install them as soon as they become available to avoid being caught in this cycle of failed installations.

Fact Checker Results:

  1. Microsoft’s security update to the Vulnerable Driver Blocklist is confirmed as the primary cause of BIOS update failures.
  2. Lenovo’s official statement confirms they are addressing the issue with newer BIOS versions, such as 1.61 (UEFI BIOS).
  3. Users should look for BIOS updates from Lenovo that are compatible with the latest Windows security patches to avoid encountering errors.

References:

Reported By: https://www.windowslatest.com/2025/03/27/lenovos-bios-updates-are-failing-on-windows-11-after-microsoft-made-a-change/