Did you manually update your Secure Boot Keys ?


suatcini54

suatcini54

Well-known member
Member
Local time
11:27 PM
Posts
129
OS
Windows 11 Pro build 26200.5570 (Dev)
Hi.

Current Microsoft Secure Boot Keys will expire in 2026. Therefore, it may be advisable to update the keys manually in advance.

I did the update and it was successful.

If you have bitlocker enabled, you are advised to save your bitlocker keys. You will need them after the secure boot key update. I don't have bitlocker enabled.

In powershell console opened as administrator, you must run the following commands, one at a time:

Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot” -Name “AvailableUpdates” -Value 0x40

Start-ScheduledTask -TaskName “\Microsoft\Windows\PI\Secure-Boot-Update”

After you run the commands, you have to restart your PC twice for the update to take effect.

To check if the update is successful, you must run the following command in a powershell console with admin privileges:

[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match ‘Windows UEFI CA 2023’

This command should return the value TRUE. The below screenshot is from my PC. It returned a True value.

secureBoot.webp

For further information, you may refer to the following Microsoft Windows IT Pro Blog:

Updating Microsoft Secure Boot keys | Windows IT Pro blog

Hope you find this post helpful.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro build 26200.5570 (Dev)
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Built
    CPU
    Intel i7-4790
    Motherboard
    Asus H97 Pro Gamer with add-on TPM1.2 module
    Memory
    Teams DDR3-1600
    Graphics Card(s)
    MSI Nvidia GeForce GTX 1050Ti
    Sound Card
    Realtek ALC1150
    Monitor(s) Displays
    LG Flatron E2250
    Screen Resolution
    1920 by 1080 pixels
    Hard Drives
    Crucial NVMe PCIe M2 500 GB (Windows 11 v.24H2); Samsung SSD Evo 870 500 GB (Windows 11 v.24H2);
    PSU
    Corsair HX850
    Case
    Gigabyte Solo 210
    Cooling
    Zalman CNPS7X Tower
    Keyboard
    Microsoft AIO Wireless (includes touchpad)
    Mouse
    HP S1000 Plus Wireless
    Internet Speed
    200 Mb fiber optic
    Browser
    Chrome; MS Edge
    Antivirus
    Windows Defender
  • Operating System
    MacOS 12 Monterey
    Computer type
    Laptop
    Manufacturer/Model
    Apple Macbook Air
    CPU
    Intel Core i5
    Memory
    8 GB
    Graphics card(s)
    Intel integrated
    Screen Resolution
    1440 by 900 pixels
    Hard Drives
    128 GB
    Mouse
    Microsoft Wireless
    Keyboard
    Built-in
    Internet Speed
    802.11 ac
    Browser
    Chrome; Safari
    Antivirus
    N/A
Thanks.

Seems that MS will have to build something to do this for most users or it's going to be an unmitigated international disaster when the keys expire.
 

My Computer

System One

  • OS
    Windows 11 Pro 24H2
    Computer type
    Laptop
    Manufacturer/Model
    HP
    CPU
    Intel Ultra 7 155H
    Memory
    16gb
    Graphics Card(s)
    Intel Arc integrated
    Hard Drives
    SSD
The CA 2011 certificate will expire in Oct. 2026, but anyone who is using Secure Boot will be eventually be forced by Windows later this year (?) to install the CA 2023 certificate and ban the 2011 version.

You’re welcome to follow this manual process before then, if you’re confident about following instructions.
 

My Computer

System One

  • OS
    Windows 7
garlin said:
The CA 2011 certificate will expire in Oct. 2026, but anyone who is using Secure Boot will be eventually be forced by Windows later this year (?) to install the CA 2023 certificate and ban the 2011 version.

You’re welcome to follow this manual process before then, if you’re confident about following instructions.
Click to expand...
Hi.

I said I already ran the commands. There are just two commands and I restarted the PC twice. That's it.

To verify if the update was successful, I ran another command and the command returned a TRUE value. If it returns a FALSE value, it means the update did not take place.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro build 26200.5570 (Dev)
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Built
    CPU
    Intel i7-4790
    Motherboard
    Asus H97 Pro Gamer with add-on TPM1.2 module
    Memory
    Teams DDR3-1600
    Graphics Card(s)
    MSI Nvidia GeForce GTX 1050Ti
    Sound Card
    Realtek ALC1150
    Monitor(s) Displays
    LG Flatron E2250
    Screen Resolution
    1920 by 1080 pixels
    Hard Drives
    Crucial NVMe PCIe M2 500 GB (Windows 11 v.24H2); Samsung SSD Evo 870 500 GB (Windows 11 v.24H2);
    PSU
    Corsair HX850
    Case
    Gigabyte Solo 210
    Cooling
    Zalman CNPS7X Tower
    Keyboard
    Microsoft AIO Wireless (includes touchpad)
    Mouse
    HP S1000 Plus Wireless
    Internet Speed
    200 Mb fiber optic
    Browser
    Chrome; MS Edge
    Antivirus
    Windows Defender
  • Operating System
    MacOS 12 Monterey
    Computer type
    Laptop
    Manufacturer/Model
    Apple Macbook Air
    CPU
    Intel Core i5
    Memory
    8 GB
    Graphics card(s)
    Intel integrated
    Screen Resolution
    1440 by 900 pixels
    Hard Drives
    128 GB
    Mouse
    Microsoft Wireless
    Keyboard
    Built-in
    Internet Speed
    802.11 ac
    Browser
    Chrome; Safari
    Antivirus
    N/A

My Computers

System One System Two

  • OS
    Win 11 Pro 24H2 26100.4202
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self Built
    CPU
    Intel® Core™ i7-14700F
    Motherboard
    ASUS TUF Z690-PLUS WIFI BIOS v4101
    Memory
    G.SKILL Ripjaws S5 Series 64GB (2 x 32GB) DDR5
    Graphics Card(s)
    MSI GeForce RTX 3060 Ventus 2X 12GB OC
    Sound Card
    Sound Blaster AE-5 Plus
    Monitor(s) Displays
    ASUS TUF Gaming 27" 2K HDR Gaming
    Screen Resolution
    2560 x 1440
    Hard Drives
    Samsung 990 Pro 1TB NVMe (Win 11 24H2)
    SK hynix P41 500GB NVMe (24H2 VHDX)
    SK hynix P41 2TB NVMe (x3)
    Crucial P3 Plus 4TB
    PSU
    Corsair RM850x Shift
    Case
    Antec Dark Phantom DP502 FLUX
    Cooling
    Noctua NH-U12A chromax.black + 7 Phantek T-30's
    Keyboard
    Logitech MK 320
    Mouse
    Razer Basilisk V3
    Internet Speed
    350Mbs
    Browser
    Firefox
    Antivirus
    Winows Security
    Other Info
    Windows 11 24H2 26100.4202 (VHDX)
    On System One (Dual Boot)
  • Operating System
    Win 11 Pro 24H2 26100.4061
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self Built
    CPU
    Intel Core i7-11700F
    Motherboard
    Asus TUF Gaming Z590 Plus WiFi
    Memory
    64 GB DDR4
    Graphics card(s)
    EVGA GeForce RTX 2060
    Sound Card
    SoundBlaster Audigy Fx V2
    Monitor(s) Displays
    Samsung F27T350
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung 980 Pro 1TB
    Samsung 970 EVO Plus 2TB
    Samsung 870 EVO 500GB SSD
    PSU
    Corsair HX750
    Case
    Cougar MX330-G Window
    Cooling
    Hyper 212 EVO
    Internet Speed
    350Mbps
    Browser
    Firefox
    Antivirus
    Windows Security
Looks like newer machines have the new keys already installed:

1748280637387.webp
 

My Computer

System One

  • OS
    Windows 11 Pro 24H2
    Computer type
    Laptop
    Manufacturer/Model
    HP
    CPU
    Intel Ultra 7 155H
    Memory
    16gb
    Graphics Card(s)
    Intel Arc integrated
    Hard Drives
    SSD
suatcini54 said:
Hi.

I said I already ran the commands. There are just two commands and I restarted the PC twice. That's it.

To verify if the update was successful, I ran another command and the command returned a TRUE value. If it returns a FALSE value, it means the update did not take place.
Click to expand...
MS has stated we’re still in the voluntary phase of DB/DBX deployment. Because a number of Windows partners have cried they need more time to fix their critical UEFI or related driver issues, it’s not mandatory yet.

But MS has waved their hands in the air, Windows will automatically do these steps on its own once the all clear is given. They intend to close the Black Lotus UEFI security hole whether you know anything about it or not. Maybe starting this Fall.
 

My Computer

System One

  • OS
    Windows 7
Q.
will this not be done via Windows Update when the time arrives for the secure boot update needs doing?

best of luck, Steve ..
 

My Computers

System One System Two

  • OS
    Win 11 24H2 Home
    Computer type
    PC/Desktop
    Manufacturer/Model
    HP 24" AiO
    CPU
    Ryzen 7 5825u
    Motherboard
    HP
    Memory
    64GB DDR4 3200
    Graphics Card(s)
    Ryzen 7 5825u
    Sound Card
    RealTek
    Monitor(s) Displays
    24" HP AiO
    Hard Drives
    1TB WD Blue SN580 M2 SSD Partitioned.
    2x 1TB USB HDD External Backup/Storage.
    Internet Speed
    1GB full fibre
    Browser
    Edge & Thunderbird
    Antivirus
    AVG Internet Security
    Other Info
    Mainly Open Source Software
  • Operating System
    Ubuntu 22.04.5 LTS
    Computer type
    Laptop
    Manufacturer/Model
    Dell 13" Latitude 2017
    CPU
    i5 7200u
    Motherboard
    Dell
    Memory
    16GB DDR4
    Graphics card(s)
    Intel
    Sound Card
    Intel
    Monitor(s) Displays
    13" Dell Laptop
    Hard Drives
    250GB Crucial 2.5" SSD
    Mouse
    Gerenic 3 button
    Internet Speed
    WiFi only
    Browser
    FireFox
    Antivirus
    ClamAV TK
    Other Info
    Mainly Open Source Software
XxXxX said:
Q.
will this not be done via Windows Update when the time arrives for the secure boot update needs doing?

best of luck, Steve ..
Click to expand...
Yes. The exact date hasn’t been announced. It was supposed to been done in late 2024 but was delayed based on PC partner concerns.
 

My Computer

System One

  • OS
    Windows 7
Hmm... Don't know if mine had it or not, I ran the two commands for both of my machines, booted twice, and checked, they say true now. Didn't think to check before I did the procedure.

Since my installed were only done a couple months ago on new hardware and are retail licenses, they may have already had the fixes.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 24H2, Build 26100.4202, Experience Pack 1000.26100.107.0
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 Nvme PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Security
  • Operating System
    Windows 11 Pro 24H2, Build 26100.4202, Experience Pack 1000.26100.107.0
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Mouse
    Logitech G305
    Keyboard
    Microsoft Comfort Curve 2000
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Security
glasskuter said:
No. I'm probably one of the few folks who intentionally has SB turned off...permanently.
Click to expand...
Same here, secure boot disabled every time I update the BIOS
 

My Computer

System One

  • OS
    Windows 11 Pro 24H2 (RP channel)
    Computer type
    PC/Desktop
    Manufacturer/Model
    MSI
    CPU
    AMD Ryzen 7 9800X3D 8-core
    Motherboard
    MEG X870E Godlike
    Memory
    64GB Corsair Titanium 6000/CL30
    Graphics Card(s)
    MSI Suprim X 3080 Ti
    Sound Card
    Soundblaster AE-5 Plus
    Monitor(s) Displays
    ASUS TUF Gaming VG289Q
    Screen Resolution
    3840x2160
    Hard Drives
    Samsung 9100 Pro 4TB (gen 5 x4, system drive/games)
    Samsung 990 Pro 2TB
    Samsung 980 Pro 2TB
    Samsung 870 Evo 4TB
    Samsung T7 Touch 1TB
    PSU
    Seasonic PX-2200
    Case
    Bequiet! Dark Base Pro 901
    Cooling
    Noctua NH-D15S Chromax black
    Keyboard
    Logitech G915 X (wired)
    Mouse
    Logitech G903 with PowerPlay charger
    Internet Speed
    900Mb/sec
    Browser
    Microsoft Edge
    Antivirus
    Windows Defender
garlin said:
Black Lotus UEFI security hole
Click to expand...

Here's a good article if you really want to dig into the bits and bytes of this issue - or, if you are suffering from insomnia.

www.welivesecurity.com

BlackLotus UEFI bootkit: Myth confirmed

ESET researchers are the first to publish an analysis of BlackLotus, the first in-the-wild UEFI bootkit capable of bypassing UEFI Secure Boot.
www.welivesecurity.com
 

My Computer

System One

  • OS
    Windows 11 Pro 24H2
    Computer type
    Laptop
    Manufacturer/Model
    HP
    CPU
    Intel Ultra 7 155H
    Memory
    16gb
    Graphics Card(s)
    Intel Arc integrated
    Hard Drives
    SSD
It's obvious that this is a war of back-n-forth updates vs threats. One reason why it's a constant battle to plug the holes.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 24H2, Build 26100.4202, Experience Pack 1000.26100.107.0
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 Nvme PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Security
  • Operating System
    Windows 11 Pro 24H2, Build 26100.4202, Experience Pack 1000.26100.107.0
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Mouse
    Logitech G305
    Keyboard
    Microsoft Comfort Curve 2000
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Security
Did the commands on my older Intel 10700 System, will have to make sure i do on my newer AMD system.

These instructions seem simple enough to follow

((should i do the instructions on my rarely logged into "Adminstrator user login" or can i do them on my Microsoft Account linked Standard account.

Though the True Command shows a True Value on my Purchased in July 2024 AMD Ryzen 7 7700X based system, so guess this one is all set for 2026 switch over
 

Attachments

  • Command Verification.webp
    Command Verification.webp
    8.3 KB · Views: 1

My Computers

System One System Two

  • OS
    Windows 11 Pro 26100.4061
    Computer type
    PC/Desktop
    Manufacturer/Model
    PreBuilt
    CPU
    AMD Ryzen 7700X
    Motherboard
    MSI B650 VC WIfi
    Memory
    32GB DDR 5 RGB 5600Mhz
    Graphics Card(s)
    Radeon 7800XT
    Sound Card
    Onboard Audio
    Monitor(s) Displays
    Asus VG245H
    Screen Resolution
    1920x1080
    Hard Drives
    Samsung 990 Evo Plus NVMe Boot
    Samsung 990 Pro 1TB Game NVMe
    Samsung 860 Evo 1TB-Storage


    External
    Western Digital Elements 500GB
    Western Digital My Passport 2TB Blue
    Western Digital My Passport 2TB Red
    Toshiba 2TB in External Enclosure
    Seagate 8TB in External Enclosure
    Seagate 1TB Portable USB 3 External Drive
    Western Digital My Book 8TB (Primary Backup drive)
    Western Digital Black 4TB In External Enclosure
    PSU
    750 Watt High Power
    Case
    Lian Li Lan Cool 216 ARGB Airflow
    Cooling
    2 160MM Front, 1 140MM Rear Exhaust
    Keyboard
    Logitech G513
    Mouse
    Logitech G502 X
    Internet Speed
    Gigabit 1100Mb/35 Upload
    Browser
    MS Edge Chromium and Bing Search
    Antivirus
    Windows Defender, Malwarebytes Premium
    Other Info
    UEFI, Secure Boot, TPM 2.0, Macrium Reflect X
  • Operating System
    Windows 10 Home
    Computer type
    Laptop
    Manufacturer/Model
    HP Omen 15_ce019dx
    CPU
    Intel I7 7700H
    Motherboard
    OEM HP Omen Laptop Motherboard
    Memory
    8GB DDR 4
    Graphics card(s)
    Intel HD 630 and Nvidia Geforce 1050TI
    Sound Card
    Onboard
    Monitor(s) Displays
    15.6 Laptop Display
    Screen Resolution
    1920x1080
    Hard Drives
    128GB NvMe Boot Drive
    1TB Hitachi Sata Hard drive
    PSU
    Laptop PSU
    Case
    Laptop Case
    Cooling
    OEM Cooling
    Mouse
    Logitech G502 Hero
    Keyboard
    OEM Laptop Keyboard
    Internet Speed
    Gigabit 1100 Download/35 Upload
    Browser
    MS Edge with Bing search
    Antivirus
    Windows Defender & Malwarebytes Premium
    Other Info
    Macrium Reflect X
I'd log in as Administrator, that way you're sure you are covered.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 24H2, Build 26100.4202, Experience Pack 1000.26100.107.0
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 Nvme PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Security
  • Operating System
    Windows 11 Pro 24H2, Build 26100.4202, Experience Pack 1000.26100.107.0
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Mouse
    Logitech G305
    Keyboard
    Microsoft Comfort Curve 2000
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Security
In addition to the weblink in the top post by @suatcini54 there is an update here from April 2024. It seems to be the latest update on the blog.

techcommunity.microsoft.com

Revoking vulnerable Windows boot managers | Windows IT Pro blog

Learn about the measures Microsoft is taking to help keep you safe from the If you're worried about the BlackLotus UEFI bootkit vulnerability (CVE-2023-24932).
techcommunity.microsoft.com techcommunity.microsoft.com

EDIT: I've checked both my Windows 11 (a desktop and a laptop), both are fully updated to Windows UEFI CA 2023 automatically by MS.
 
Last edited:

My Computers

System One System Two

  • OS
    Windows 11 Pro 24H2 26120.4161
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i9 13900K
    Motherboard
    Asus ProArt Z790 Creator WiFi - Bios 2703
    Memory
    Corsair Dominator Platinum 64gb 5600MT/s DDR5 Dual Channel
    Graphics Card(s)
    Sapphire NITRO+ AMD Radeon RX 7900 XTX Vapor-X 24GB
    Sound Card
    External DAC - Headphone Amplifier: Cambridge Audio DACMagic200M
    Monitor(s) Displays
    Panasonic MX950 Mini LED 55" TV 120hz
    Screen Resolution
    3840 x 2160 120hz
    Hard Drives
    Samsung 980 Pro 2TB (OS)
    Samsung 980 Pro 1TB (Files)
    Lexar NZ790 4TB
    LaCie d2 Professional 6TB external - USB 3.1
    Seagate One Touch 18TB external HD - USB 3.0
    PSU
    Corsair RM1200x Shift
    Case
    Corsair RGB Smart Case 5000x (white)
    Cooling
    Corsair iCue H150i Elite Capellix XT
    Keyboard
    Logitech K860
    Mouse
    Logitech MX Master 3S
    Internet Speed
    Fibre 900/500 Mbps
    Browser
    Microsoft Edge Chromium
    Antivirus
    Bitdefender Total Security
    Other Info
    AMD Radeon Software & Drivers 25.5.1
    AOMEI Backupper Pro
    Dashlane password manager
    Logitech Brio 4K Webcam
    Orico 10-port powered USB 3.0 hub
  • Operating System
    Windows 11 Pro 24H2 26100.2894
    Computer type
    Laptop
    Manufacturer/Model
    Asus Vivobook X1605VA
    CPU
    Intel® Core™ i9-13900H
    Motherboard
    Asus X1605VA bios 309
    Memory
    32GB DDR4-3200 Dual channel
    Graphics card(s)
    *Intel Iris Xᵉ Graphics G7 (96EU) 32.0.101.6078
    Sound Card
    Realtek | Intel SST Bluetooth & USB
    Monitor(s) Displays
    16.0-inch, WUXGA 16:10 aspect ratio, IPS-level Panel
    Screen Resolution
    1920 x 1200 60hz
    Hard Drives
    512GB M.2 NVMe™ PCIe® 3.0 SSD
    Other Info
    720p Webcam
Hello,

3 questions:

So these powershell commands should be run whether you have bitlocker enabled or not?

In both Windows 10 and Windows 11?

And what happens if you don't, which I expect most people won't?



Thanks
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2
    Computer type
    Laptop
    Manufacturer/Model
    Microsoft Surface Pro
    Memory
    32GB
  • Operating System
    Windows 11 Pro 23H2
    Computer type
    Laptop
    Manufacturer/Model
    Lenovo ThinkPad P14s Gen 3 Intel (14”) Mobile Workstation - Type 21AK
    Memory
    32GB
The PS commands are the way to determine which UEFI boot file version you have by checking the signing certificate.

The unrelated BitLocker warning is to potentially disable encryption in the rare case something goes wrong in the BIOS, and you need to provide an alternate boot method to restore Windows. Booting off an alternate method may not grant access to your current keys, so either backing the keys to a different location or disabling BL makes this less scary.
 

My Computer

System One

  • OS
    Windows 7

My Computers

System One System Two

  • OS
    Windows 11 Pro 24H2 26120.4161
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i9 13900K
    Motherboard
    Asus ProArt Z790 Creator WiFi - Bios 2703
    Memory
    Corsair Dominator Platinum 64gb 5600MT/s DDR5 Dual Channel
    Graphics Card(s)
    Sapphire NITRO+ AMD Radeon RX 7900 XTX Vapor-X 24GB
    Sound Card
    External DAC - Headphone Amplifier: Cambridge Audio DACMagic200M
    Monitor(s) Displays
    Panasonic MX950 Mini LED 55" TV 120hz
    Screen Resolution
    3840 x 2160 120hz
    Hard Drives
    Samsung 980 Pro 2TB (OS)
    Samsung 980 Pro 1TB (Files)
    Lexar NZ790 4TB
    LaCie d2 Professional 6TB external - USB 3.1
    Seagate One Touch 18TB external HD - USB 3.0
    PSU
    Corsair RM1200x Shift
    Case
    Corsair RGB Smart Case 5000x (white)
    Cooling
    Corsair iCue H150i Elite Capellix XT
    Keyboard
    Logitech K860
    Mouse
    Logitech MX Master 3S
    Internet Speed
    Fibre 900/500 Mbps
    Browser
    Microsoft Edge Chromium
    Antivirus
    Bitdefender Total Security
    Other Info
    AMD Radeon Software & Drivers 25.5.1
    AOMEI Backupper Pro
    Dashlane password manager
    Logitech Brio 4K Webcam
    Orico 10-port powered USB 3.0 hub
  • Operating System
    Windows 11 Pro 24H2 26100.2894
    Computer type
    Laptop
    Manufacturer/Model
    Asus Vivobook X1605VA
    CPU
    Intel® Core™ i9-13900H
    Motherboard
    Asus X1605VA bios 309
    Memory
    32GB DDR4-3200 Dual channel
    Graphics card(s)
    *Intel Iris Xᵉ Graphics G7 (96EU) 32.0.101.6078
    Sound Card
    Realtek | Intel SST Bluetooth & USB
    Monitor(s) Displays
    16.0-inch, WUXGA 16:10 aspect ratio, IPS-level Panel
    Screen Resolution
    1920 x 1200 60hz
    Hard Drives
    512GB M.2 NVMe™ PCIe® 3.0 SSD
    Other Info
    720p Webcam
You must log in or register to reply here.

Similar threads

  • Article Article
Updating Microsoft Secure Boot keys
4 5 6
Replies
106
Views
20K
THEBOSS619
THEBOSS619
Solved Heads up: Before you update your BIOS
2
Replies
24
Views
15K
Ben Hastings
B

Latest Support Threads

Latest Tutorials

Back
Top Bottom