Windows 10: UEFI with Secure Boot (UEFI version) ?

  1.    18 Dec 2016 #1

    UEFI with Secure Boot (UEFI version) ?

    I want to enable UEFI with Secure Boot and I do have an option to enable Secure Boot.
    But how can I tell if I am running UEFI firmware version 2.3.1.c ?

    Because to enable Secure Boot, machines must have UEFI firmware version 2.3.1.c
    I went to System Information, but It does not tell me the exact UEFI version that I currently have.

      My ComputerSystem Spec

  2.    18 Dec 2016 #2

    Where do you find this version requirement, on the manufacturers support page?

    Right click on Windows Start button and select Run, type msinfo32.exe and click Ok. In resulting display you will find BIOS version/date and SMBIOS version, which will display what your looking for. SMBIOS versions 2.3.x are old versions dating back to pre 2004, doubt you have a machine that old!
      My ComputerSystem Spec

  3.    18 Dec 2016 #3

    Please see my print screen, looks like I have UEFI 2.7.
    So I should be OK then?

    The info I got from here
    Secure Boot Overview
    Manufacturing Requirements

    Secure Boot requires a PC that meets the UEFI Specifications Version 2.3.1, Errata C or higher.
    Secure Boot is supported for UEFI Class 2 and Class 3 PCs. For UEFI Class 2 PCs, when Secure Boot is enabled, the compatibility support module (CSM) must be disabled so that the PC can only boot authorized, UEFI-based operating systems.
    Attached Thumbnails Attached Thumbnails Untitled.png  
      My ComputerSystem Spec

  4.    18 Dec 2016 #4

    If your UEFI did not support Secure Boot, then you would not have the option in the firmware to enable/disable it.
      My ComputerSystem Spec

  5.    18 Dec 2016 #5

    Your screenshot shows SMBIOS version 2.7 so you are good to go!
      My ComputerSystem Spec

  6.    18 Dec 2016 #6

    What if Secure Boot detects a rootkit or a bootkit or a malware in the firmware before Windows loads?
    Will this mean my machine will be "BRICKED" and reinstall Windows?
    Because of that's the case, if Secure Boot detects any malware in the firmware, then my machine will not boot at all. Then what???

    How will I clean or remove a malware that modified the firmware?
    Will I need to reinstall Windows in this case or even replace the motherboard?

    Also, as some of you may know, Secure Boot can be bypassed by just resetting the UEFI Admin password and disable Secure Boot, but since I DO NOT travel with my laptop and only do computing from home, then will this be good enough?

      My ComputerSystem Spec

  7.    18 Dec 2016 #7

    UEFI bios infection is very rare and at present requires physical access to the machine in order to do so.

    To prevent such infections, Trend Micro advises users to enable the UEFI SecureFlash option, to set up a BIOS/UEFI password and to update the firmware to its latest version so that it has the latest security patches. UEFI/BIOS updates are usually distributed by computer manufacturers through their support websites and some of them do fix issues identified by security researchers.

    For more check the link below:

    Hacking Team's malware uses a UEFI rootkit to survive operating system reinstalls | PCWorld
      My ComputerSystem Spec


Related Threads
Hei, So I'm the guy who tried to move from Legacy to UEFI some days ago. I managed to move both Ubuntu and W10 to UEFI. More info on both of the situations here: Solved Can't boot into UEFI mode - Lenovo Z50-70 - Windows 10 Forums ...
So i had secure boot up and running on my windows 8.1 machine after a clean install, but now since microsoft upgraded me to windows 10 it seems as my secure boot is off again, but it's enabled in my bios is so weird, it's enabled in bios but off in...
Hello, I'm currently reinstalling entirely windows 10 x64 with uefi , hardware fast boot, and secureboot. I'm a bit confused because win 10 installer set: Recovery on partition 1 System on partition 2 (win re) MSR (not formated) 3 Then...
Boot mode uefi with secure boot disable in Installation and Upgrade
Ok im about to upgrade to win 10 then do a clean install afterwards of win 10, but i wanted to assure i have everything correct before i start. I updated again my profile with Belarc to assure i have a completed list of my software, i notice this...
So, basically if we have a computer that doesn't have a UEFI BIOS with Secure Boot, then we can't upgrade to Windows 10? Am I right or wrong here?
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 14:09.
Find Us