Upgrading iLO 4 on an HPE ProLiant MicroServer from Linux

I recently got my hands on a ProLiant MicroServer Gen8 by Hewlett Packard Enterprise (HPE). As I always do when setting up a server, I checked if the device needs a firmware upgrade.

And indeed it did: Its version of Integrated Lights-Out (iLO) 4, its built-in server provisioning and management software, is affected by CVE-2017-12542, which is a solid 10.0 on the CVSS 2.0 score chart.

So I decided to update it. Fortunately, the iLO web interface has a page where firmware upgrades can be uploaded. Since it's in an isolated network, using the web interface should not pose a security problem.

On the other hand, locating the proper firmware file to upload was not as easy as it should be. It's Hewlett-Packard, after all.

In case someone else is looking for the iLO 4 *.bin file, here's what I did:

  1. Visit the iLO 4 support page, but do not select OS-Independent (it's not in there). Select "Red Hat Enterprise Linux 7" instead.
  2. Open the "Firmware - LOM (Lights-Out Management)" section and download hp-firmware-ilo4-2.55-1.1.i386.rpm.
  3. To extract the actual firmware file from the RPM, use this command:
$ rpm2cpio hp-firmware-ilo4-2.55-1.1.i386.rpm | bsdtar -x -s'|.*/||' -f - ./usr/lib/i386-linux-gnu/hp-firmware-ilo4-2.55-1.1/ilo4_255.bin
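
The extraction step above with an integrity check added, as an example that is not part of the original post: it runs `rpm -K` on the package, locates the single `ilo4_*.bin` member instead of hard-coding its path, and compares the SHA-256 of the extracted image with a digest you supply. The function names and the expected-digest argument are assumptions; the post itself gives no checksum.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Usage: sh ilo-extract.sh hp-firmware-ilo4-2.55-1.1.i386.rpm [expected-sha256]

# Read a payload listing on stdin and print the one ilo4_<digits>.bin member.
# Fails when there is no such member or more than one (ambiguous package).
pick_firmware_member() (
    matches=$(grep -E '(^|/)ilo4_[0-9]+\.bin$' || true)
    [ -n "$matches" ] || exit 1
    [ "$(printf '%s\n' "$matches" | grep -c .)" -eq 1 ] || exit 1
    printf '%s\n' "$matches"
)

# Compare a file's SHA-256 with an expected hex digest (case-insensitive).
verify_sha256() (
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
)

# Check the RPM, extract the firmware image into the current directory,
# print its SHA-256 and, if a digest was given, enforce it.
extract_and_check() (
    rpm=$1
    expected=${2:-}
    # rpm -K checks the package digests and, if the key is imported, the signature
    rpm -K "$rpm" || { echo "rpm -K failed for $rpm" >&2; exit 1; }
    member=$(rpm2cpio "$rpm" | bsdtar -t -f - | pick_firmware_member) ||
        { echo "no unique ilo4_*.bin in $rpm" >&2; exit 1; }
    out=$(basename "$member")
    rpm2cpio "$rpm" | bsdtar -x -O -f - "$member" > "$out"
    sha256sum "$out"
    if [ -n "$expected" ] && ! verify_sha256 "$out" "$expected"; then
        echo "SHA-256 mismatch, removing $out" >&2
        rm -f "$out"
        exit 1
    fi
)

# Run only when called with arguments, so the functions can also be sourced.
if [ "$#" -gt 0 ]; then extract_and_check "$@"; fi
```

Take the expected digest from a source other than the download itself, and keep the printed hash alongside your change record for the server.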

The resulting file (ilo4_255.bin) can then be uploaded to the web interface:

[Image: iLO 4 Upgrade Process]

After the upgrade process finishes, you'll be redirected to the brand new login screen:

[Image: iLO 4 after upgrade]