epud80
New member
- Local time
- 1:59 PM
- Posts
- 8
- OS
- w11 25h2
Ok done. So is stuck on "suspending bitlocker for one reboot" and nothing happens.
So i tried to suspend bitlocker manually before running the script. What happens:
PS C:\Windows\system32> cd C:\SSB\GARLIN\
PS C:\SSB\GARLIN> powershell -ep bypass C:\ssb\GARLIN\Update_UEFI-CA2023.ps1
Successfully appended "DBUpdate3P2023.bin" to UEFI DB.
REQUIRED ACTION
---------------
Restart Windows, for UEFI updates to take effect.
I then try a check-uefi.bat before rebooting:
PS C:\SSB\GARLIN> .\Check-UEFI.bat
Windows PowerShell
Copyright (C) Microsoft Corporation. Tutti i diritti riservati.
Installa la versione più recente di PowerShell per nuove funzionalità e miglioramenti. Windows PowerShell update message FAQ - PowerShell
Secure Boot: ON
Virtualization Based Security: ON
BitLocker on (C:) OFF
SUSPENDED for 1 reboot.
UEFI KEK Certs
--------------
Microsoft Corporation KEK CA 2011
Microsoft Corporation KEK 2K CA 2023
UEFI DB Certs
-------------
Microsoft Windows Production PCA 2011
Microsoft Option ROM UEFI CA 2023
Microsoft UEFI CA 2023
Windows UEFI CA 2023
UEFI DBX Certs
--------------
Microsoft Windows Production PCA 2011
Windows BootMgr SVN 7.0
EFI Files
---------
Disk 1: Windows Boot Manager [Windows UEFI CA 2023] is ALLOWED.
Registry: WindowsUEFICA2023Capable = 2
[Windows UEFI CA 2023] in UEFI DB, and Windows starting from CA 2023 Boot Manager.
Disk 1: SkuSiPolicy.p7b (for VBS) is CURRENT.
STATUS REPORT
-------------
Registry: UEFICA2023Status = Updated
SUCCESS: NO UPDATES ARE REQUIRED.
PS C:\SSB\GARLIN>
Then i reboot... and if i do this check again it says
REQUIRED ACTION
===============
To install [UEFI CA 2023] certs, run the commands:
manage-bde -Protectors -Disable C: -RebootCount 1
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates /t REG_DWORD /d 0x5000 /f
powershell Start-ScheduledTask -TaskName "\Microsoft\Windows\PI\Secure-Boot-Update"
Like we didn't did anything.
So i tried to suspend bitlocker manually before running the script. What happens:
PS C:\Windows\system32> cd C:\SSB\GARLIN\
PS C:\SSB\GARLIN> powershell -ep bypass C:\ssb\GARLIN\Update_UEFI-CA2023.ps1
Successfully appended "DBUpdate3P2023.bin" to UEFI DB.
REQUIRED ACTION
---------------
Restart Windows, for UEFI updates to take effect.
I then try a check-uefi.bat before rebooting:
PS C:\SSB\GARLIN> .\Check-UEFI.bat
Windows PowerShell
Copyright (C) Microsoft Corporation. Tutti i diritti riservati.
Installa la versione più recente di PowerShell per nuove funzionalità e miglioramenti. Windows PowerShell update message FAQ - PowerShell
Secure Boot: ON
Virtualization Based Security: ON
BitLocker on (C:) OFF
SUSPENDED for 1 reboot.
UEFI KEK Certs
--------------
Microsoft Corporation KEK CA 2011
Microsoft Corporation KEK 2K CA 2023
UEFI DB Certs
-------------
Microsoft Windows Production PCA 2011
Microsoft Option ROM UEFI CA 2023
Microsoft UEFI CA 2023
Windows UEFI CA 2023
UEFI DBX Certs
--------------
Microsoft Windows Production PCA 2011
Windows BootMgr SVN 7.0
EFI Files
---------
Disk 1: Windows Boot Manager [Windows UEFI CA 2023] is ALLOWED.
Registry: WindowsUEFICA2023Capable = 2
[Windows UEFI CA 2023] in UEFI DB, and Windows starting from CA 2023 Boot Manager.
Disk 1: SkuSiPolicy.p7b (for VBS) is CURRENT.
STATUS REPORT
-------------
Registry: UEFICA2023Status = Updated
SUCCESS: NO UPDATES ARE REQUIRED.
PS C:\SSB\GARLIN>
Then i reboot... and if i do this check again it says
REQUIRED ACTION
===============
To install [UEFI CA 2023] certs, run the commands:
manage-bde -Protectors -Disable C: -RebootCount 1
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates /t REG_DWORD /d 0x5000 /f
powershell Start-ScheduledTask -TaskName "\Microsoft\Windows\PI\Secure-Boot-Update"
Like we didn't did anything.
My Computer
At a glance
w11 25h2
- OS
- w11 25h2
- Computer type
- PC/Desktop
- Manufacturer/Model
- asus






