Supermicro is committed to delivering industry-leading security across our system platforms. To ensure the authenticity and integrity of firmware updates, we have implemented cryptographic software signing across multiple generations of our systems.

• X11 and H11 Systems: Cryptographically signed software added to allow our customers to verify the authenticity of downloaded firmware.
• 12th Generation and beyond Systems: All firmware is signed by Supermicro. The system validates the software signature during installation to ensure they have not been tampered.

These protections are already in place for select customers and are enabled by default on all new platforms moving forward. Our public facing website provides hash signatures for customers to perform an additional layer of verification for downloaded firmware integrity.

Note: For existing systems, enabling this feature is optional due to backward compatibility considerations. Once signed firmware is installed, systems cannot revert back to unsigned firmware. This restriction is important to understand for customers who have locked their platform firmware environments.