Update Microsoft Surface Firmware using SCCM

Usually, when it comes to driver management, for computer already deployed, we say ‘If it ain’t broken don’t fix it’. Once in a while, a driver or firmware could require an update because of a bug reported by multiple users but that would usually be an exception.

Microsoft Surface devices have proven over and over that this statement doesn’t apply to them. Microsoft Surface, since the beginning of the brand, tend to work better with latest firmware version. Microsoft often releases new firmware revision along major Windows 10 releases.

For home users, the update will be applied with the standard Windows Update process and delivered in stages. For businesses, firmware update management by WSUS or SCCM is not yet available. (Feature is included in the latest SCCM Technical Preview 1706 but not yet in the latest 1702 production version)

This blog post will detail how to update the Microsoft Surface firmware using SCCM.

SCCM Update Microsoft Surface Firmware Prerequisites

• Download the latest MSI version of the needed firmware
  • Surface Pro 4
  • Surface Pro 3
  • Surface Book
  • Surface Studio
  • Other sub-model (Wifi, LTE, AT&T) of Surface 3 and older are available here
• Surface 3 and newer model
  • Older models don’t have an available MSI version for Firmware management

[su_box title=”Important Note” style=”glass” title_color=”#F0F0F0″]Microsoft has started to release firmware updates based on Windows 10 builds. Vigilance is key here.
As an example, the Surface Pro 4 has a release specifically for the Creators Update (build ID 15063).

This would mean that older Windows 10 version should use the other release of the firmware, which as no build ID in the name.

[/su_box]

Why use the MSI to Update Microsoft Surface Firmware?

Microsoft Surface firmware contains multiple drivers, software, and UEFI updates. Most releases do not upgrade all drivers, firmware and UEFI at once. Some releases only update one or two component, while others will update pretty much everything. Having an inventory of each of those components would be huge to maintain and managed throughout releases.

Using the provided MSI file provides an easy way to inventory of all those components since it has an entry in Programs and Features once installed.

Update Microsoft Surface Firmware History

The update history for all Microsoft Surface models is available here.

As an example, the update for a Surface Pro 4 on May 25th had many components updated:

Microsoft also provides a preview of what to expect from the update:

Microsoft has inconsistency with firmware version. In this example, the MSI version which will eventually display in Program and Features, is not on the history page.

The only thing matching “approximately” is the Date Published. Word of advice, keep track of version and release dates for future debugging.

Create application for SCCM Microsoft Surface Firmware Update

We will now shows how to deploy the Firmware MSI files using SCCM:

• Under Software Library \ Application Management \ Applications, select Create application

• Provide the path to the downloaded MSI file

• On the Import Information pane, click Next 

• Add additional information if desired, click Next

• On the Summary pane, click Next 

• Click Close to close the wizard

• Select your new application and on the top ribbon, click Distribute Content to send your content to your distribution points

• Looking at the Detection Method under the Deployment Type, we see that it looks for an MSI Product Code

SCCM Update Microsoft Surface Firmware

The deployment can be done just like any other deployment.

[su_box title=”Important consideration” style=”glass” title_color=”#F0F0F0″]Microsoft Surface firmware update require a reboot. If the deployment is mandatory, the client computer will reboot to complete the installation. Plan accordingly. Target deployment date and time outside of working hours. Use Maintenance Windows if necessary.[/su_box]

• The user will see the following happen on the Microsoft Surface after the installation as been triggered by SCCM
• Restarting

• Getting Windows Ready

• Please wait while we install a system Update

• After the reboot, Working on updates

• Under the hood, the .BIN files under C:\Windows\Firmware will be updated:

• After the installation, the SurfacePro4 Update is visible in the Programs and Features

Monitor Microsoft Surface Firmware Versions

1. You can use a built-in report (Computers with specific software registered in Add Remove Programs) to check the which devices have the Firmware installed using hardware inventory. Just use the exact name that is displayed in Program and Feature to target your search.
2. You can use our new Asset – Surface devices report to get detailed information about every Microsoft Surface in your environment, including UEFI versions and Firmware versions when deployed with this method.