Locate the SPI/BIOS chip on the motherboard (usually an 8-pin Winbond or Macronix chip labeled near the RAM slots). Step 2: Read and Backup the Original BIOS
). This script modifies the code to essentially "forget" the password requirement. Flashing & Cleanup
The script modifies a dumped copy of the laptop's firmware to inject a temporary bypass routine. When the patched BIOS runs, it intercepts the hardware authentication check and instructs the Embedded Controller (EC) chip to wipe the supervisor password area. Lenovo Autopatcher vs. Lenovo Patch
Because Intune cannot natively flash a BIOS during a maintenance window, you use a Lenovo AutoPatcher-style script:
As of 2025, Lenovo AutoPatcher is being merged into the , but the PowerShell-based, headless scripting model remains unchanged. lenovo autopatcher
Lenovo is aggressively moving toward driver rings. However, most large enterprises still use AutoPatcher for two reasons:
Disclaimer: Modifying firmware carries an inherent risk of permanently bricking your device. Proceed at your own risk. Step 1: Dump the Original BIOS
The is a specialized, community-developed software utility used to remove Supervisor Passwords from Lenovo ThinkPad BIOS chips .
Drag and drop your original dump file directly onto the autopatch.exe file, or run it through the Command Prompt: autopatch Use code with caution. Locate the SPI/BIOS chip on the motherboard (usually
: An inexpensive USB device used to read and write data directly to SPI flash chips.
The is a specialized third-party software utility primarily used by advanced users and technicians to unlock BIOS supervisor passwords on ThinkPad laptops .
When a user loses or forgets a ThinkPad Supervisor Password, traditional methods like removing the CMOS battery will not work. The password is saved inside non-volatile EEPROM/UFEI chips. This hardware-level security tool alters a copy of the motherboard's firmware to bypass the authentication sequence entirely. Key Capabilities of Lenovo Autopatcher
Disconnect your programmer tools entirely, reassemble the internal battery hardware components, turn the device back on, enter the BIOS, and click Reset to Factory Defaults (F9) . Your supervisor password is now fully disabled. Technical Hazards and Troubleshooting Common Failure Symptom Probable Structural Cause Resolving Next Step Black Screen / No Boot after flashing patch Flashing & Cleanup The script modifies a dumped
[Read Locked BIOS] ➔ [Run Autopatcher] ➔ [Flash Patched Image] ➔ [Boot & Wipe Password] ➔ [Flash Original BIOS] Recommended way to enter BIOS - ideapad - Lenovo Support US
Use a programming tool (such as flashrom on Linux or AsProgrammer on Windows) to extract the firmware.
Example A — Single PC, manual scripted approach (PowerShell)
Move your verified BIOS dump (e.g., original_bios.bin ) into the directory containing the extracted lenovo_autopatcher files.
This comprehensive guide covers both definitions, providing detailed steps for technical BIOS password recovery as well as insights into enterprise patch automation. Part 1: The Community Lenovo BIOS Autopatcher