UEFI Capsule BIOS Update Whitepaper on WU_4.2

the HP BIOS to a specific version, the BIOS setting “Lock BIOS Version” should be set to “Enable” via

either the F10 BIOS interface or some other method.

BitLocker Recovery Key

If using any Bitlocker policies other than the Windows 10 defaults and BIOS updates via Windows

Update are desired, it is recommended that customers consult with Microsoft on the likelihood of these

updates triggering a Bitlocker Recovery key request. It is also recommended that some systems be

placed on the insider ring so that they will receive early access to these updates for test.

EFI Partition Size Requirements

Details can be found here: https://support.hp.com/us-en/document/c06466416

Blocking Windows Update BIOS Updates with BIOS Settings

Native OS Firmware Update Service

The setting titled “Native OS Firmware Update Service” is the primary mechanism to enable or disable

the UEFI Capsule BIOS update on an HP client. The default value for this setting is “Enable.” When

enabled the HP BIOS will accept updates from UEFI Capsule via Windows Update. To block the update

from Windows Update set this setting to “Disable.”