GunnzAkimbo
Well-known member
- Local time
- 1:50 PM
- Posts
- 15
- OS
- Windows 10
Or MS does it through win update? apparently. I will leave it for now and check if it does in a few days.
My Computer
At a glance
Windows 10
- OS
- Windows 10
Solved garlin's PowerShell scripts for updating Secure Boot CA 2023
- Thread starter garlin
- Start date
SkuSiPolicy is a separate security policy, which can block some boot files (regardless of which Secure Boot cert signed them).
The Secure Boot task from Windows doesn't make changes to this, unless you specify using AvailableUpdates values. Right now, the task is only focused on adding CA 2023 certs, and other enforcement steps wouldn't probably be applied until later this year. If you break it, Windows will stop booting and you will see a winload.efi error with a failed digital signature (not allowed).
The Secure Boot task from Windows doesn't make changes to this, unless you specify using AvailableUpdates values. Right now, the task is only focused on adding CA 2023 certs, and other enforcement steps wouldn't probably be applied until later this year. If you break it, Windows will stop booting and you will see a winload.efi error with a failed digital signature (not allowed).
My Computer
At a glance
Windows 7
- OS
- Windows 7
- Local time
- 10:50 PM
- Posts
- 280
- OS
- Windows 11 Pro 25H2 (26200.8457)
My system has the green check mark under Secure Boot, but there is a substantial wait time to see it.
When I go to Windows Security - Device Security, it only shows Core Isolation (with it's green check) immediately then it can take up to a couple of minutes for the rest of the sections show up - Security Processor and Secure Boot - also all with green checks.
Not sure if this is an issue -- anyone else see this or is this normal behavior?
When I go to Windows Security - Device Security, it only shows Core Isolation (with it's green check) immediately then it can take up to a couple of minutes for the rest of the sections show up - Security Processor and Secure Boot - also all with green checks.
Not sure if this is an issue -- anyone else see this or is this normal behavior?
My Computer
At a glance
Windows 11 Pro 25H2 (26200.8457)AMD Ryzen 7 7800X3D32gb Team Group (T-Force) DDR5-6000Zotac nVidia GeForce RTX 4070 SUPER - 12gb
- OS
- Windows 11 Pro 25H2 (26200.8457)
- Computer type
- PC/Desktop
- Manufacturer/Model
- Pre-built
- CPU
- AMD Ryzen 7 7800X3D
- Motherboard
- MSI Pro B650-VC WiFi
- Memory
- 32gb Team Group (T-Force) DDR5-6000
- Graphics Card(s)
- Zotac nVidia GeForce RTX 4070 SUPER - 12gb
- Sound Card
- Sound BlasterX G6
- Monitor(s) Displays
- Koorui G2421V and ViewSonic VX2453
- Screen Resolution
- P:2560x1440 S:1920x1080
- Hard Drives
- WD Blue SN5000 - 500gb NVME
WD Blue SN580 - 2TB NVME
Seagate 4TB HDD - ST4000VN008-2DR166
- Keyboard
- Mountain Everest
- Mouse
- Logitech G502 Hero
- Internet Speed
- T-Mobile Home Internet
- Browser
- Firefox
- Other Info
- QNAP TS-469 Pro NAS
TP-Link W7200 (2 unit mesh network)
Elgato Streamdeck
The Lenovo Thinkpad T490 in your System One is slightly newer than a Thinkpad T580 (2018) that I've just acquired (a supported device for Windows 11). The latest bios update for mine was released 29 Oct 2025 and seems to include 2023 certificates. Windows update has done its thing and it looks like I'm all ready for revocation without having lifted a finger. I'll wait and let MS do that for me in due time....Did you see any word from Lenovo? Not that it matters since I got the certs installed using your scripts.
Your System Two Lenovo ThinkCentre M83 is almost certainly too old to get new certificates from Lenovo. As you note in your specs, it's also too old to be a supported device.
My Computers
-
At a glance
Windows 11 HomeAMD Athlon Silver 3050U8GBRadeon Graphics- OS
- Windows 11 Home
- Computer type
- Laptop
- Manufacturer/Model
- Acer Aspire 3 A315-23-R9VY
- CPU
- AMD Athlon Silver 3050U
- Memory
- 8GB
- Graphics Card(s)
- Radeon Graphics
- Monitor(s) Displays
- laptop screen
- Screen Resolution
- 1366x768 native resolution, up to 2560x1440 with Radeon Virtual Super Resolution
- Hard Drives
- 1TB Samsung EVO 870 SSD (from April 2026: 250GB EVO 850)
- Internet Speed
- 150 Mbps
- Browser
- Edge, Firefox
- Antivirus
- Defender
- Other Info
- fully 'Windows 11 ready' laptop. Windows 10 C: partition migrated from my old unsupported 'main machine' then upgraded to 11. A test migration ran Insider builds for 2 months. When 11 was released on 5th October 2021 it was re-imaged back to 10 and was offered the upgrade in Windows Update on 20th October. Windows Update offered the 22H2 Feature Update on 20th September 2022. It got the 23H2 Feature Update on 4th November 2023 through Windows Update, 24H2 on 3rd October 2024 through Windows Update by setting the Target Release Version for 24H2, and 25H2 on 30th September 2025 through Windows Update by setting the Target Release Version for 25H2.
UPDATE - 11 April 2026: due to mechanical deterioration this PC has been retired from active duty. The OS with all software and files has been migrated to my System Seven in 'Other systems' to carry on as my general purpose 'main machine'.
-
At a glance
Windows 11 ProIntel® Core™ i5-520M8GB(integrated graphics) Intel HD Graphics- Operating System
- Windows 11 Pro
- Computer type
- Laptop
- Manufacturer/Model
- Dell Latitude E4310
- CPU
- Intel® Core™ i5-520M
- Motherboard
- 0T6M8G
- Memory
- 8GB
- Graphics card(s)
- (integrated graphics) Intel HD Graphics
- Screen Resolution
- 1366x768
- Hard Drives
- 500GB Crucial MX500 SSD
- Browser
- Firefox, Edge
- Antivirus
- Defender
- Other Info
- unsupported machine: Legacy bios, MBR, TPM 1.2, upgraded from W10 to W11 using W10/W11 hybrid install media workaround.
In-place upgrade to 22H2 using ISO and a workaround.
Feature Update to 23H2 by manually installing the Enablement Package.
In-place upgrade to 24H2 using hybrid 23H2/24H2 install media.
Upgraded to 25H2 by Enablement Package.
Also running Insider Dev, and Canary builds and Windows 10 as native boot .vhdx.
-
My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro.
My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.
My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 1TB NVMe ssd, supported device running Windows 11 Pro, plus Insider Beta, Dev, and Canary builds (and a few others) as a native boot .vhdx.
My SYSTEM SIX is a Dell Latitude 5550, Core Ultra 7 165H, 64GB RAM, 1TB NVMe SSD, supported device, Windows 11 Pro 24H2, Hyper-V host machine. Updated to 25H2 on 30th September 2025.
My SYSTEM SEVEN is a Lenovo Thinkpad T580, Intel Core i7-8650U, 16GB RAM, 512GB NVMe SSD + 2nd 512GB NVMe SSD, a supported device for Windows 11. This is my current general purpose 'main machine'. The installed Windows 11 Home from my System One has been migrated to this machine.
That information about certificates was a new addition to Window Security.Have not done anything or even tried and this AM got this Yeah!
It came with the Update for Windows Security platform - KB5007651 (Version 10.0.29554.1001)
My Computers
-
At a glance
Windows 11 HomeAMD Athlon Silver 3050U8GBRadeon Graphics- OS
- Windows 11 Home
- Computer type
- Laptop
- Manufacturer/Model
- Acer Aspire 3 A315-23-R9VY
- CPU
- AMD Athlon Silver 3050U
- Memory
- 8GB
- Graphics Card(s)
- Radeon Graphics
- Monitor(s) Displays
- laptop screen
- Screen Resolution
- 1366x768 native resolution, up to 2560x1440 with Radeon Virtual Super Resolution
- Hard Drives
- 1TB Samsung EVO 870 SSD (from April 2026: 250GB EVO 850)
- Internet Speed
- 150 Mbps
- Browser
- Edge, Firefox
- Antivirus
- Defender
- Other Info
- fully 'Windows 11 ready' laptop. Windows 10 C: partition migrated from my old unsupported 'main machine' then upgraded to 11. A test migration ran Insider builds for 2 months. When 11 was released on 5th October 2021 it was re-imaged back to 10 and was offered the upgrade in Windows Update on 20th October. Windows Update offered the 22H2 Feature Update on 20th September 2022. It got the 23H2 Feature Update on 4th November 2023 through Windows Update, 24H2 on 3rd October 2024 through Windows Update by setting the Target Release Version for 24H2, and 25H2 on 30th September 2025 through Windows Update by setting the Target Release Version for 25H2.
UPDATE - 11 April 2026: due to mechanical deterioration this PC has been retired from active duty. The OS with all software and files has been migrated to my System Seven in 'Other systems' to carry on as my general purpose 'main machine'.
-
At a glance
Windows 11 ProIntel® Core™ i5-520M8GB(integrated graphics) Intel HD Graphics- Operating System
- Windows 11 Pro
- Computer type
- Laptop
- Manufacturer/Model
- Dell Latitude E4310
- CPU
- Intel® Core™ i5-520M
- Motherboard
- 0T6M8G
- Memory
- 8GB
- Graphics card(s)
- (integrated graphics) Intel HD Graphics
- Screen Resolution
- 1366x768
- Hard Drives
- 500GB Crucial MX500 SSD
- Browser
- Firefox, Edge
- Antivirus
- Defender
- Other Info
- unsupported machine: Legacy bios, MBR, TPM 1.2, upgraded from W10 to W11 using W10/W11 hybrid install media workaround.
In-place upgrade to 22H2 using ISO and a workaround.
Feature Update to 23H2 by manually installing the Enablement Package.
In-place upgrade to 24H2 using hybrid 23H2/24H2 install media.
Upgraded to 25H2 by Enablement Package.
Also running Insider Dev, and Canary builds and Windows 10 as native boot .vhdx.
-
My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro.
My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 8GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Dev, Beta, and RP 24H2 as native boot vhdx.
My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 8GB RAM, 1TB NVMe ssd, supported device running Windows 11 Pro, plus Insider Beta, Dev, and Canary builds (and a few others) as a native boot .vhdx.
My SYSTEM SIX is a Dell Latitude 5550, Core Ultra 7 165H, 64GB RAM, 1TB NVMe SSD, supported device, Windows 11 Pro 24H2, Hyper-V host machine. Updated to 25H2 on 30th September 2025.
My SYSTEM SEVEN is a Lenovo Thinkpad T580, Intel Core i7-8650U, 16GB RAM, 512GB NVMe SSD + 2nd 512GB NVMe SSD, a supported device for Windows 11. This is my current general purpose 'main machine'. The installed Windows 11 Home from my System One has been migrated to this machine.
In reality, you can get two different versions of the Green check mark. If you have Secure Boot enabled, anyone can get Green.
The best setting is "No further certificate changes are needed." (CA 2023 in effect)
The lesser setting is "Secure Boot is on, but your device is using an older boot trust configuration that should be updated." (CA 2011 in effect). This one means your UEFI hasn't been updated, but you're using Secure Boot (which is better than Secure Boot disabled).
I'm concerned that Security Center doesn't report the lesser setting as a Yellow checkmark, because there's no point to this CA 2023 update unless you're fully taking advantage of the protections. Users might prematurely think they're finished, when there's more work ahead.
The best setting is "No further certificate changes are needed." (CA 2023 in effect)
The lesser setting is "Secure Boot is on, but your device is using an older boot trust configuration that should be updated." (CA 2011 in effect). This one means your UEFI hasn't been updated, but you're using Secure Boot (which is better than Secure Boot disabled).
I'm concerned that Security Center doesn't report the lesser setting as a Yellow checkmark, because there's no point to this CA 2023 update unless you're fully taking advantage of the protections. Users might prematurely think they're finished, when there's more work ahead.
My Computer
At a glance
Windows 7
- OS
- Windows 7
If it helps, in my experience, the updated SkuSiPolicy doesn't block Macrium USB's as long as they are signed with the new CA 2023 Certs. My HP laptop allowed me to boot from there after I upgraded the bootfiles (with your help) and VBS was enabled. I recently disabled VBS for having better compatibility with VMWare Workstation, but I had the chance to test with it enabled.
Probably the file has no issues with the new certs, dunno about others.
Probably the file has no issues with the new certs, dunno about others.
My Computers
-
At a glance
Windows 11 Pro 25H2AMD Ryzen 5 5600G @ 3.9/4.4Ghz2 x 16 GB DDR4 Kingston Fury Beast 3200 MhzAMD Radeon RX 6600 XT MSI Mech 2X OC Edition ...- OS
- Windows 11 Pro 25H2
- Computer type
- PC/Desktop
- Manufacturer/Model
- Built PC
- CPU
- AMD Ryzen 5 5600G @ 3.9/4.4Ghz
- Motherboard
- MSI B550M-PRO-WiFi Ver. 1.4
- Memory
- 2 x 16 GB DDR4 Kingston Fury Beast 3200 Mhz
- Graphics Card(s)
- AMD Radeon RX 6600 XT MSI Mech 2X OC Edition 8 GB
- Sound Card
- Realtek High Definition Audio (Integrated)
- Monitor(s) Displays
- Samsung C50Rx 27" LED / HP S2031 20" LCD
- Screen Resolution
- 1920 x 1080 px / 1600 x 900 px
- Hard Drives
- WD Blue SN570 NVME M.2 SSD [1 TB] -- External Drives: - WD Scorpion Blue 250 GB 5400 RPM (Data Backup) - Hitachi 500 GB 5400 RPM (Software / ISOs Backup) - Toshiba MQ01ABD100 1 TB 5400 RPM (OS Images) - HGST TravelStar 7K1000 1 TB, 7200 RPM USB 3.0 - ADATA SU800 2TB SSD USB 3.0
- PSU
- Corsair RM750e 750W Fully Modular
- Case
- Naceb Hydra NA-1602
- Cooling
- Naceb Orpheus x 3 (Front) + Naceb Cepheus 1200 RPM Max (Rear) + ThemalRight Assasin X 90 SE (CPU)
- Keyboard
- Logitech MK470 Wireless
- Mouse
- Logitech MK470 Wireless
- Internet Speed
- 120 MB Symetrical
- Browser
- Firefox / Brave / Edge
- Antivirus
- Windows Defender
- Other Info
- - VMs: WMware Player - Windows 8.1 Pro x64 / Windows 11 Pro
- Wacom Intuos Pro Small Tablet PTH-460
-
At a glance
Windows 11 Pro 25H2AMD Ryzen 7 7730U @ 2.0/4.5 Ghz2 x 16 GB Kingston Fury Impact DDR4 3200 MhzRadeon (tm) Graphics Vega 8 (512 MB)- Operating System
- Windows 11 Pro 25H2
- Computer type
- Laptop
- Manufacturer/Model
- HP Pavilion 15-eh3000la (80M53LA)
- CPU
- AMD Ryzen 7 7730U @ 2.0/4.5 Ghz
- Motherboard
- HP 8BC7
- Memory
- 2 x 16 GB Kingston Fury Impact DDR4 3200 Mhz
- Graphics card(s)
- Radeon (tm) Graphics Vega 8 (512 MB)
- Sound Card
- Realtek High Definition Audio (Integrated)
- Monitor(s) Displays
- AU Optronics
- Screen Resolution
- 1920 x 1080 px (125% size)
- Hard Drives
- WD Blue SN570 1TB NVME M.2 Drive
- PSU
- 45 Watt Charger
- Cooling
- Laptop Cooling Pad
- Keyboard
- Free Wolf Foldable Portable Keyboard
- Mouse
- Free Wolf Wireless Mouse
- Internet Speed
- 120 MB Symetrical
- Browser
- Firefox / Brave / Edge
- Antivirus
- Windows Defender
- Other Info
- - 41mWh battery.
- Wacom Intuos Pro Small Tablet PTH-460
I'm working to add better reporting on the SkuSiPolicy version. While the EFI file has one version number, it needs to equal or be higher than a possible SkuSiPolicy version number installed in the UEFI (what is known as "UEFI lock").
An UEFI lock isn't always used, which makes it more confusing since you have to configure its use by reg keys.
Once an UEFI lock (or SkuSiPolicy variable) is installed, it gets really cranky when the expected policy file disappears from the EFI partition. This requires a round of disabling Secure Boot, and rebooting so Windows can eventually clear the lock(s) on the next restart. This behavior is similar to the known hack for defeating Windows S mode without installing the Store app (like MS recommends). By disabling Secure Boot and rebooting twice, it clears the policy variables from the UEFI.
The security measure is you have to be in front of the PC to disable Secure Boot, so this step can't be done from Windows by an attacker.
An UEFI lock isn't always used, which makes it more confusing since you have to configure its use by reg keys.
Once an UEFI lock (or SkuSiPolicy variable) is installed, it gets really cranky when the expected policy file disappears from the EFI partition. This requires a round of disabling Secure Boot, and rebooting so Windows can eventually clear the lock(s) on the next restart. This behavior is similar to the known hack for defeating Windows S mode without installing the Store app (like MS recommends). By disabling Secure Boot and rebooting twice, it clears the policy variables from the UEFI.
The security measure is you have to be in front of the PC to disable Secure Boot, so this step can't be done from Windows by an attacker.
My Computer
At a glance
Windows 7
- OS
- Windows 7
I used Mosby on the M83 and got the certs installed assuming that it was too old for Lenovo to bother with. The only thing left is to revoke the 2011 certs on both my machines. I'm debating if I should use @garlin 's script or wait for MS to do it later this summer.
My Computers
-
At a glance
Windows 11 Pro 25H2i7-8565U16GBIntel UHD Graphics 620- OS
- Windows 11 Pro 25H2
- Computer type
- Laptop
- Manufacturer/Model
- Lenovo T490 (2020 Hardware)
- CPU
- i7-8565U
- Motherboard
- 20N20028US
- Memory
- 16GB
- Graphics Card(s)
- Intel UHD Graphics 620
- Sound Card
- Realtec Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 970 PRO 512GB NVMe
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Supported hardware, upgraded from Windows 10 Pro to Windows 11 Pro version 24H2 on 06/01/2025 using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/07/2025. Secure boot enabled. Secure Boot CA 2023 updated.
-
At a glance
Windows 11 Pro 25H2i7-4770 (with SSE4.2, and POPCNT)16GBIntel HD Graphics 4600- Operating System
- Windows 11 Pro 25H2
- Computer type
- PC/Desktop
- Manufacturer/Model
- Lenovo ThinkCentre M83 (2014 Hardware)
- CPU
- i7-4770 (with SSE4.2, and POPCNT)
- Motherboard
- 10AL000GUS
- Memory
- 16GB
- Graphics card(s)
- Intel HD Graphics 4600
- Sound Card
- Realtec High Definition Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 860 PRO 1TB SATA
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Unsupported hardware, upgraded from Windows 10 Pro (TPM 1.2 & unsupported CPU, but does have SSE4.2, and POPCNT) to Windows 11 Pro version 24H2 on 06/15/2025. Added Registry Key HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup – AllowUpgradesWithUnsupportedTPMOrCPU=1 to allow installation using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/08/2025. Secure boot enabled. Secure Boot CA 2023 updated.
@garlin I tried to run .\Update_UEFI-CA2023.ps1 -Latest on my Lenovo T490 but got this error. Any idea what the problem is?
I was then going to run .\Update_UEFI-CA2023.ps1 -Revoke but now I'm not sure I want to risk it.
I am using your latest 04-08-2026 scripts.
I was then going to run .\Update_UEFI-CA2023.ps1 -Revoke but now I'm not sure I want to risk it.
I am using your latest 04-08-2026 scripts.
My Computers
-
At a glance
Windows 11 Pro 25H2i7-8565U16GBIntel UHD Graphics 620- OS
- Windows 11 Pro 25H2
- Computer type
- Laptop
- Manufacturer/Model
- Lenovo T490 (2020 Hardware)
- CPU
- i7-8565U
- Motherboard
- 20N20028US
- Memory
- 16GB
- Graphics Card(s)
- Intel UHD Graphics 620
- Sound Card
- Realtec Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 970 PRO 512GB NVMe
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Supported hardware, upgraded from Windows 10 Pro to Windows 11 Pro version 24H2 on 06/01/2025 using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/07/2025. Secure boot enabled. Secure Boot CA 2023 updated.
-
At a glance
Windows 11 Pro 25H2i7-4770 (with SSE4.2, and POPCNT)16GBIntel HD Graphics 4600- Operating System
- Windows 11 Pro 25H2
- Computer type
- PC/Desktop
- Manufacturer/Model
- Lenovo ThinkCentre M83 (2014 Hardware)
- CPU
- i7-4770 (with SSE4.2, and POPCNT)
- Motherboard
- 10AL000GUS
- Memory
- 16GB
- Graphics card(s)
- Intel HD Graphics 4600
- Sound Card
- Realtec High Definition Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 860 PRO 1TB SATA
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Unsupported hardware, upgraded from Windows 10 Pro (TPM 1.2 & unsupported CPU, but does have SSE4.2, and POPCNT) to Windows 11 Pro version 24H2 on 06/15/2025. Added Registry Key HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup – AllowUpgradesWithUnsupportedTPMOrCPU=1 to allow installation using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/08/2025. Secure boot enabled. Secure Boot CA 2023 updated.
The problem I had with installing the SkuSiPolicy was very odd.
After installing or enabling, it my Macrium (or any other bootable usb) would work just fine as long as Windows was installed on my boot drive.
But as soon as I did a secure erase on the drive (aka no Windows installed), my macrium usb would fail to boot.
Also, I could boot to a Windows install usb and begin setup just fine. But once I deleted all the partitions
to do a clean install, it would copy all the files and then fail to reboot to continue the install. It was kind of bizarre.
I just ended up disabling SkuSiPolicy again rather than fight with it.
peace
wanna
After installing or enabling, it my Macrium (or any other bootable usb) would work just fine as long as Windows was installed on my boot drive.
But as soon as I did a secure erase on the drive (aka no Windows installed), my macrium usb would fail to boot.
Also, I could boot to a Windows install usb and begin setup just fine. But once I deleted all the partitions
to do a clean install, it would copy all the files and then fail to reboot to continue the install. It was kind of bizarre.
I just ended up disabling SkuSiPolicy again rather than fight with it.
peace
wanna
My Computers
-
At a glance
Windows 11 Pro 64 bitIntel® Core™ i5-14600KG.SKILL Ripjaws S5 Series DDR5 (2x16GB) 6400M...PNY RTX 5060 Ti OC 16GB- OS
- Windows 11 Pro 64 bit
- Computer type
- PC/Desktop
- Manufacturer/Model
- Acme Mail Order (meep meep)
- CPU
- Intel® Core™ i5-14600K
- Motherboard
- MSI PRO Z790-A MAX WiFi bios 7E07vMA
- Memory
- G.SKILL Ripjaws S5 Series DDR5 (2x16GB) 6400MT/s CL32
- Graphics Card(s)
- PNY RTX 5060 Ti OC 16GB
- Sound Card
- Onboard Realtek® ALC4080 Codec
- Monitor(s) Displays
- 2 x Dell - S3222DGM 32" LED Curved QHD FreeSync Gaming Monitor
- Screen Resolution
- 2560x1440
- Hard Drives
- 990 PRO PCIe 4.0 NVMe®1TB OS
970 EVO PCIe 3.0 NVMe® SSD 500GB Games
860 EVO SATA 2.5" SSD 1TB Storage
- PSU
- RMx Series™ RM850x — 80 PLUS® Gold
- Case
- LIAN LI PC-G70B Black Aluminum Full Tower
- Cooling
- Custom loop Optimus Foundation Block, MCP655-PWM D5 pump, MCR320 QP rad
- Keyboard
- Razer Black Widow Ultimate
- Mouse
- Razer Death Adder Elite
- Internet Speed
- 500 down 20 up
- Browser
- Edge / Chrome
- Antivirus
- Microsoft Defender
- Other Info
- Always switching installs testing out the latest and greatest.
-
At a glance
Windows 11 Pro 64 bit latest public releaseIntel® Core™ i5-11600KG.SKILL Ripjaws V Series 16GB DDR4 3600 (16-1...EVGA GeForce RTX 3060 XC GAMING 12GB- Operating System
- Windows 11 Pro 64 bit latest public release
- Computer type
- PC/Desktop
- Manufacturer/Model
- Acme Mail Order (meep meep) Wife's PC Edition
- CPU
- Intel® Core™ i5-11600K
- Motherboard
- MSI - Z590 A Pro - bios 7D09v1B1
- Memory
- G.SKILL Ripjaws V Series 16GB DDR4 3600 (16-16-16-36)
- Graphics card(s)
- EVGA GeForce RTX 3060 XC GAMING 12GB
- Sound Card
- Onboard Realtek® ALC897 Codec
- Monitor(s) Displays
- 2 x 27'' ACER S271HL
- Screen Resolution
- 1920x1080
- Hard Drives
- 980 PRO PCIe 4.0 NVMe® SSD 250GB OS
Samsung 128GB 850 PRO SATA III for Storage
- PSU
- CORSAIR - CX-M Series 650W
- Case
- LIAN LI PC-A16B Black Aluminum ATX Mid Tower
- Cooling
- Thermalright Phantom Spirit 120SE Air Cooler
- Keyboard
- Logitech - K740 Illuminated
- Mouse
- Razer Death Adder Elite
- Internet Speed
- 500 down 20 up
- Browser
- Chrome
- Antivirus
- Windows Defender
- Other Info
- Stock clocked, over cooled, and unmolested for a rock solid, whisper quiet, Wifey approved user experience.
You're still struggling with the PS execution policy.
Please use the included batch files in place of calling the actual scripts. All the batch file does is to "wrap" around the script so you don't get execution errors, without having to change your existing security policy.
Check-UEFI.bat in place of Check_UEFI-CA2023.ps1
Check-DBX.bat for Check_DBXUpdate.bin.ps1
Update-UEFI.bat for Update_UEFI-CA2023.ps1
Code:
Update-UEFI.bat -RevokeMy Computer
At a glance
Windows 7
- OS
- Windows 7
In your case, the SkuSiPolicy was "UEFI locked". Which means to prevent an attacker from simply deleting the SkuSiPolicy from the EFI partition (which anyone with Admin rights can do), it also sticks a secure variable in the UEFI which has a matching version number.
If your current SkuSiPolicy file's version number is lower than the UEFI's copy, or the file is missing, then you can't boot. There is a set of commands which can be used to clear the lock. Or another method is to disable Secure Boot, and reboot twice. Windows detects that Secure Boot is off, and will clear the UEFI variable.
My Computer
At a glance
Windows 7
- OS
- Windows 7
"struggling with the PS execution policy" is an understatement. Obviously I don't understand how to correctly use Powershell.
I'm still confused. In the CODE section of your post, are you saying to rename the Update-UEFI.bat file to Update-UEFI.bat -Revoke? Doesn't that make the file non-executable?
My Computers
-
At a glance
Windows 11 Pro 25H2i7-8565U16GBIntel UHD Graphics 620- OS
- Windows 11 Pro 25H2
- Computer type
- Laptop
- Manufacturer/Model
- Lenovo T490 (2020 Hardware)
- CPU
- i7-8565U
- Motherboard
- 20N20028US
- Memory
- 16GB
- Graphics Card(s)
- Intel UHD Graphics 620
- Sound Card
- Realtec Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 970 PRO 512GB NVMe
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Supported hardware, upgraded from Windows 10 Pro to Windows 11 Pro version 24H2 on 06/01/2025 using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/07/2025. Secure boot enabled. Secure Boot CA 2023 updated.
-
At a glance
Windows 11 Pro 25H2i7-4770 (with SSE4.2, and POPCNT)16GBIntel HD Graphics 4600- Operating System
- Windows 11 Pro 25H2
- Computer type
- PC/Desktop
- Manufacturer/Model
- Lenovo ThinkCentre M83 (2014 Hardware)
- CPU
- i7-4770 (with SSE4.2, and POPCNT)
- Motherboard
- 10AL000GUS
- Memory
- 16GB
- Graphics card(s)
- Intel HD Graphics 4600
- Sound Card
- Realtec High Definition Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 860 PRO 1TB SATA
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Unsupported hardware, upgraded from Windows 10 Pro (TPM 1.2 & unsupported CPU, but does have SSE4.2, and POPCNT) to Windows 11 Pro version 24H2 on 06/15/2025. Added Registry Key HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup – AllowUpgradesWithUnsupportedTPMOrCPU=1 to allow installation using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/08/2025. Secure boot enabled. Secure Boot CA 2023 updated.
Undo the rename.
The batch files can be used AS A SUBSTITUTE whenever someone asks you to run one of the PS scripts.
The batch files can be used AS A SUBSTITUTE whenever someone asks you to run one of the PS scripts.
| Batch file command is same as -> | PowerShell command |
| .\Check-UEFI.bat | .\Check_UEFI-CA2023.ps1 |
| .\Check-UEFI.bat -Verbose -BootMedia | .\Check_UEFI-CA2023.ps1 -Verbose -BootMedia |
| .\Update-UEFI.bat | .\Update_UEFI-CA2023.ps1 |
| .\Update-UEFI.bat -Revoke | .\Update_UEFI-CA2023.ps1 -Revoke |
Last edited:
My Computer
At a glance
Windows 7
- OS
- Windows 7
honzikf
Member
- Local time
- 7:50 AM
- Posts
- 1
- OS
- Windows 11
Dear Garlin,
big thanks to you, with the latest version of script I managed to update the certificates in my HP mini PCs.
Thank you,
Jan
big thanks to you, with the latest version of script I managed to update the certificates in my HP mini PCs.
Thank you,
Jan
My Computer
At a glance
Windows 11i7-7700Kingston Fury 32GB DDR4-2666 Dual ChannelIntel HD 630
- OS
- Windows 11
- Computer type
- PC/Desktop
- Manufacturer/Model
- HP EliteDesk 800 G3 DM 65W
- CPU
- i7-7700
- Motherboard
- HP 829A
- Memory
- Kingston Fury 32GB DDR4-2666 Dual Channel
- Graphics Card(s)
- Intel HD 630
- Sound Card
- Sound Blaster X-Fi HD
- Monitor(s) Displays
- Samsung QHD
- Screen Resolution
- QHD
- Hard Drives
- HP SSD EX900 250GB
Crucial CT500MX500SSD1 500GB
- PSU
- HP 90W
- Case
- EliteDesk 800 G3 DM 65W
- Cooling
- Stock
- Keyboard
- Dell Wired Multimedia Keyboard
- Mouse
- logitech Advanced Corded Mouse M500s
- Internet Speed
- 20Mbps
- Browser
- Chrome
- Antivirus
- Bitdefender
- Other Info
- BIOS P21 v. 02.49
Last edited:
My Computers
-
At a glance
Windows 11 Pro 25H2i7-8565U16GBIntel UHD Graphics 620- OS
- Windows 11 Pro 25H2
- Computer type
- Laptop
- Manufacturer/Model
- Lenovo T490 (2020 Hardware)
- CPU
- i7-8565U
- Motherboard
- 20N20028US
- Memory
- 16GB
- Graphics Card(s)
- Intel UHD Graphics 620
- Sound Card
- Realtec Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 970 PRO 512GB NVMe
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Supported hardware, upgraded from Windows 10 Pro to Windows 11 Pro version 24H2 on 06/01/2025 using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/07/2025. Secure boot enabled. Secure Boot CA 2023 updated.
-
At a glance
Windows 11 Pro 25H2i7-4770 (with SSE4.2, and POPCNT)16GBIntel HD Graphics 4600- Operating System
- Windows 11 Pro 25H2
- Computer type
- PC/Desktop
- Manufacturer/Model
- Lenovo ThinkCentre M83 (2014 Hardware)
- CPU
- i7-4770 (with SSE4.2, and POPCNT)
- Motherboard
- 10AL000GUS
- Memory
- 16GB
- Graphics card(s)
- Intel HD Graphics 4600
- Sound Card
- Realtec High Definition Audio
- Monitor(s) Displays
- ASUS VE248
- Screen Resolution
- 1920 X 1080
- Hard Drives
- Samsung SSD 860 PRO 1TB SATA
- Internet Speed
- Frontier fiber 1GB
- Browser
- Chrome, Firefox, Edge
- Antivirus
- Norton 360 Deluxe Plus
- Other Info
- Unsupported hardware, upgraded from Windows 10 Pro (TPM 1.2 & unsupported CPU, but does have SSE4.2, and POPCNT) to Windows 11 Pro version 24H2 on 06/15/2025. Added Registry Key HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup – AllowUpgradesWithUnsupportedTPMOrCPU=1 to allow installation using the Windows 11 ISO file. Used the enablement package to upgrade to version 25H2 on 10/08/2025. Secure boot enabled. Secure Boot CA 2023 updated.
Just double-click directly on the Update-UEFI.bat file and the Update_UEFI-CA2023.ps1 will execute.
My Computer
At a glance
Windows 11 Pro
- OS
- Windows 11 Pro
You need to change to the directory where the script is located.
My Computers
-
At a glance
Win 11 Pro 25H2 26200.8737Intel® Core™ i7-14700KG.SKILL Ripjaws S5 Series 64GB (2 x 32GB) DDR5ASUS GeForce RTX 4070 Super 12GB- OS
- Win 11 Pro 25H2 26200.8737
- Computer type
- PC/Desktop
- Manufacturer/Model
- Self Built
- CPU
- Intel® Core™ i7-14700K
- Motherboard
- ASUS TUF Z690-PLUS WIFI BIOS 4505 11/29/25
- Memory
- G.SKILL Ripjaws S5 Series 64GB (2 x 32GB) DDR5
- Graphics Card(s)
- ASUS GeForce RTX 4070 Super 12GB
- Sound Card
- Sound Blaster AE-5 Plus
- Monitor(s) Displays
- ASUS TUF Gaming 27" 2K HDR Gaming
- Screen Resolution
- 2560 x 1440
- Hard Drives
- Samsung 990 Pro 1TB NVMe (Win 11 25H2)
SK hynix P41 500GB NVMe 25H2 DEV/Games
SK hynix P41 2TB NVMe (x3)
Crucial P3 Plus 4TB
- PSU
- Corsair RM850x Shift
- Case
- Antec Dark Phantom DP502 FLUX
- Cooling
- Corsair Nautilus 360 RS AIO
- Keyboard
- Logitech MK 320
- Mouse
- Razer Basilisk V3
- Internet Speed
- 750Mbs
- Browser
- Firefox
- Antivirus
- Winows Security
- Other Info
- MR 8.1 Home
-
At a glance
Win 11 Pro 25H2 26200.8737Intel Core i7-11700F64 GB DDR4MSI GeForce RTX 3060 Ventus 2X 12GB- Operating System
- Win 11 Pro 25H2 26200.8737
- Computer type
- PC/Desktop
- Manufacturer/Model
- Self Built
- CPU
- Intel Core i7-11700F
- Motherboard
- Asus TUF Gaming Z590 Plus WiFi (BIOS 2803)
- Memory
- 64 GB DDR4
- Graphics card(s)
- MSI GeForce RTX 3060 Ventus 2X 12GB
- Sound Card
- SoundBlaster Audigy Fx V2
- Monitor(s) Displays
- Samsung F27T350
- Screen Resolution
- 1920x1080
- Hard Drives
- Samsung 980 Pro 1TB
Samsung 970 EVO Plus 2TB
Samsung 870 EVO 500GB SSD
- PSU
- Corsair HX750
- Case
- Cougar MX330-G Window
- Cooling
- Thermalright Frozen Edge 240 Black AIO
- Internet Speed
- 350Mbps
- Browser
- Firefox
- Antivirus
- Windows Security
-
System Three
Win 11 Pro 25H2 26200.8737
ASUS PRIME Z370-P II BIOS 3004 7/12/21
Intel Core i7-8700 CPU @ 3.20GHz
32GB DDR4 RAM (4x8)
iGPU Intel UHD Graphics 630
Mid-Tower Desktop
Hey Garlin Prior to today's windows update your script said
SUCCESS: UPDATES ARE FINISHED. UEFI CA 2023 certs are present, PCA 2011 cert is revoked.
Now I have when I run your script I get .
PS C:\SecureBoot-CA-2023-Updates> powershell -nop -ep bypass -f .\Check_UEFI-CA2023.ps1 -Verbose -Audit
Windows 11 25H2 (26200.8246)
Secure Boot: ON
Virtualization Based Security: ON
BitLocker on (C:) OFF
BIOS Firmware
-------------
LENOVO 20VD
Version: F8CN59WW(V2.22)
Date: 2024-06-14
Factory Default UEFI PK Cert
----------------------------
Ideapad Products
UEFI PK Cert
------------
Ideapad Products
Factory Default UEFI KEK Certs
------------------------------
Microsoft Corporation KEK CA 2011
UEFI KEK Certs
--------------
Microsoft Corporation KEK CA 2011
Microsoft Corporation KEK 2K CA 2023
Factory Default UEFI DB Certs
-----------------------------
Microsoft Corporation UEFI CA 2011
Microsoft Windows Production PCA 2011
Compal_Test
F8V350-ITL
UEFI DB Certs
-------------
Microsoft Corporation UEFI CA 2011
Microsoft Windows Production PCA 2011
Microsoft Option ROM UEFI CA 2023
Microsoft UEFI CA 2023
Windows UEFI CA 2023
Compal_Test
F8V350-ITL
Factory Default UEFI DBX Certs
------------------------------
(NONE)
EFI_CERT_SHA256_GUID Signatures: 33
UEFI DBX Certs
--------------
Microsoft Windows Production PCA 2011
Windows BootMgr SVN 7.0
EFI_CERT_SHA256_GUID Signatures: 438
EFI Files
---------
Windows Boot Manager [Windows UEFI CA 2023] is ALLOWED.
\\.\HarddiskVolume1\EFI\Microsoft\Boot\bootmgfw.efi
File Version: 28000.322, SVN 8.0
Registry: WindowsUEFICA2023Capable = 2
[Windows UEFI CA 2023] in UEFI DB, and Windows starting from CA 2023 Boot Manager.
SkuSiPolicy.p7b is WRONG VERSION.
\\.\HarddiskVolume1\EFI\Microsoft\Boot\SkuSiPolicy.p7b
Version: 3.0.0.13
AUDIT REPORT
============
1. SecureBootUpdates SVN is higher than UEFI DBX
2. SkuSiPolicy.p7b is not updated
REQUIRED ACTION
===============
To revoke the [PCA 2011] cert, run the commands:
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates /t REG_DWORD /d 0x200 /f
powershell Start-ScheduledTask -TaskName "\Microsoft\Windows\PI\Secure-Boot-Update"
To update SkuSiPolicy.p7b [OPTIONAL], run the command:
Update_UEFI-CA2023.ps1 -SkuSiPolicy
PS C:\SecureBoot-CA-2023-Updates>
Also getting this
PS C:\SecureBoot-CA-2023-Updates> powershell -nop -ep bypass -f .\Check_DBXUpdate.bin.ps1
SUCCESS: Matched 278/278 EFI signatures from "dbxupdate.bin"
No EFI_CERT_SHA256 signatures in C:\WINDOWS\System32\SecureBootUpdates\DBXUpdate2024.bin
No EFI_CERT_SHA256 signatures in C:\WINDOWS\System32\SecureBootUpdates\DBXUpdate2024Legacy.bin
SUCCESS: Matched 278/278 EFI signatures from "dbxupdateLegacy.bin"
FAILED: Missing 1/3 SVN signatures from "DBXUpdateSVN.bin"
FAILED: Missing 1/3 SVN signatures from "DBXUpdateSVNLegacy.bin"
PS C:\SecureBoot-CA-2023-Updates>
This might be the reason?
SUCCESS: UPDATES ARE FINISHED. UEFI CA 2023 certs are present, PCA 2011 cert is revoked.
Now I have when I run your script I get .
PS C:\SecureBoot-CA-2023-Updates> powershell -nop -ep bypass -f .\Check_UEFI-CA2023.ps1 -Verbose -Audit
Windows 11 25H2 (26200.8246)
Secure Boot: ON
Virtualization Based Security: ON
BitLocker on (C:) OFF
BIOS Firmware
-------------
LENOVO 20VD
Version: F8CN59WW(V2.22)
Date: 2024-06-14
Factory Default UEFI PK Cert
----------------------------
Ideapad Products
UEFI PK Cert
------------
Ideapad Products
Factory Default UEFI KEK Certs
------------------------------
Microsoft Corporation KEK CA 2011
UEFI KEK Certs
--------------
Microsoft Corporation KEK CA 2011
Microsoft Corporation KEK 2K CA 2023
Factory Default UEFI DB Certs
-----------------------------
Microsoft Corporation UEFI CA 2011
Microsoft Windows Production PCA 2011
Compal_Test
F8V350-ITL
UEFI DB Certs
-------------
Microsoft Corporation UEFI CA 2011
Microsoft Windows Production PCA 2011
Microsoft Option ROM UEFI CA 2023
Microsoft UEFI CA 2023
Windows UEFI CA 2023
Compal_Test
F8V350-ITL
Factory Default UEFI DBX Certs
------------------------------
(NONE)
EFI_CERT_SHA256_GUID Signatures: 33
UEFI DBX Certs
--------------
Microsoft Windows Production PCA 2011
Windows BootMgr SVN 7.0
EFI_CERT_SHA256_GUID Signatures: 438
EFI Files
---------
Windows Boot Manager [Windows UEFI CA 2023] is ALLOWED.
\\.\HarddiskVolume1\EFI\Microsoft\Boot\bootmgfw.efi
File Version: 28000.322, SVN 8.0
Registry: WindowsUEFICA2023Capable = 2
[Windows UEFI CA 2023] in UEFI DB, and Windows starting from CA 2023 Boot Manager.
SkuSiPolicy.p7b is WRONG VERSION.
\\.\HarddiskVolume1\EFI\Microsoft\Boot\SkuSiPolicy.p7b
Version: 3.0.0.13
AUDIT REPORT
============
1. SecureBootUpdates SVN is higher than UEFI DBX
2. SkuSiPolicy.p7b is not updated
REQUIRED ACTION
===============
To revoke the [PCA 2011] cert, run the commands:
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Secureboot /v AvailableUpdates /t REG_DWORD /d 0x200 /f
powershell Start-ScheduledTask -TaskName "\Microsoft\Windows\PI\Secure-Boot-Update"
To update SkuSiPolicy.p7b [OPTIONAL], run the command:
Update_UEFI-CA2023.ps1 -SkuSiPolicy
PS C:\SecureBoot-CA-2023-Updates>
Also getting this
PS C:\SecureBoot-CA-2023-Updates> powershell -nop -ep bypass -f .\Check_DBXUpdate.bin.ps1
SUCCESS: Matched 278/278 EFI signatures from "dbxupdate.bin"
No EFI_CERT_SHA256 signatures in C:\WINDOWS\System32\SecureBootUpdates\DBXUpdate2024.bin
No EFI_CERT_SHA256 signatures in C:\WINDOWS\System32\SecureBootUpdates\DBXUpdate2024Legacy.bin
SUCCESS: Matched 278/278 EFI signatures from "dbxupdateLegacy.bin"
FAILED: Missing 1/3 SVN signatures from "DBXUpdateSVN.bin"
FAILED: Missing 1/3 SVN signatures from "DBXUpdateSVNLegacy.bin"
PS C:\SecureBoot-CA-2023-Updates>
This might be the reason?
My Computers
-
At a glance
Windows 11 ProIntel Core i5-12600K 3.7 GHz 10-Core ProcessorCorsair Vengeance LPX 64 GB (2 x 32 GB) DDR4-...Integrated Intel UHD Graphics 770- OS
- Windows 11 Pro
- Computer type
- PC/Desktop
- Manufacturer/Model
- Self built PC by me.
- CPU
- Intel Core i5-12600K 3.7 GHz 10-Core Processor
- Motherboard
- Gigabyte B760M H DDR4 Micro ATX LGA1700 Motherboard
- Memory
- Corsair Vengeance LPX 64 GB (2 x 32 GB) DDR4-3200 CL16 Memory
- Graphics Card(s)
- Integrated Intel UHD Graphics 770
- Sound Card
- Realtek
- Monitor(s) Displays
- LG
- Hard Drives
- Samsung 990 Pro 1 TB M.2-2280 PCIe 4.0 X4 NVME Solid State Drive
Samsung 990 Pro 2 TB M.2-2280 PCIe 4.0 X4 NVME Solid State Drive
- PSU
- NZXT 850w ATX 3.1 Gold Fully Modular Power Supply
- Case
- Thermaltake Versa H25 ATX Mid Tower Case
- Cooling
- CPU Cooler Thermalright Assassin Spirit 120 EVO ARGB (ARGB Disabled) - Case Fans BlackThermalright TL-C12C-S X3 66.17 CFM 120 mm Fans 3-Pack (ARGB disabled)
- Internet Speed
- 1 Gbps
- Other Info
- I hate ARGB.
-
At a glance
Windows 11 Pro- Operating System
- Windows 11 Pro
- Computer type
- Laptop
- Manufacturer/Model
- Lenovo ThinkBook 14 G2 ITL
Latest Support Threads
-
Unable to edit or replace imageres.dll.mun file because it's already in use.- Started by flunitazene
- Replies: 3
-
-
Vivaldi Address Bar Driving me Insane in Tab Bar and Below- Started by Xplorer4x4
- Replies: 4
-
Latest Tutorials
-
Personalization Enable Clear Transparent Taskbar with TranslucentTB in Windows 11- Started by Brink
- Replies: 11
-
System Add or Remove "Processor performance boost mode" in Power Options on Windows 11- Started by Brink
- Replies: 29
-
System Change Keyboard Backlight Percentage when using Energy Saver in Windows 11- Started by Brink
- Replies: 0
-
System Enable or Disable Dim Keyboard Backlight when using Energy Saver in Windows 11- Started by Brink
- Replies: 0
