UEFI with Secure Boot (UEFI version) ?


  1. Posts : 812
    Win10
       #1

    UEFI with Secure Boot (UEFI version) ?


    I want to enable UEFI with Secure Boot and I do have an option to enable Secure Boot.
    But how can I tell if I am running UEFI firmware version 2.3.1.c ?

    Because to enable Secure Boot, machines must have UEFI firmware version 2.3.1.c
    I went to System Information, but It does not tell me the exact UEFI version that I currently have.

    Thanks
      My Computer


  2. Posts : 494
    Win 10 Pro x64 versions
       #2

    Where do you find this version requirement, on the manufacturers support page?

    Right click on Windows Start button and select Run, type msinfo32.exe and click Ok. In resulting display you will find BIOS version/date and SMBIOS version, which will display what your looking for. SMBIOS versions 2.3.x are old versions dating back to pre 2004, doubt you have a machine that old!
      My Computer


  3. Posts : 812
    Win10
    Thread Starter
       #3

    Please see my print screen, looks like I have UEFI 2.7.
    So I should be OK then?


    The info I got from here
    Secure Boot Overview
    Manufacturing Requirements


    Secure Boot requires a PC that meets the UEFI Specifications Version 2.3.1, Errata C or higher.
    Secure Boot is supported for UEFI Class 2 and Class 3 PCs. For UEFI Class 2 PCs, when Secure Boot is enabled, the compatibility support module (CSM) must be disabled so that the PC can only boot authorized, UEFI-based operating systems.
    Attached Thumbnails Attached Thumbnails UEFI with Secure Boot (UEFI version) ?-untitled.png  
      My Computer


  4. Posts : 18,424
    Windows 11 Pro
       #4

    If your UEFI did not support Secure Boot, then you would not have the option in the firmware to enable/disable it.
      My Computer


  5. Posts : 494
    Win 10 Pro x64 versions
       #5

    Your screenshot shows SMBIOS version 2.7 so you are good to go!
      My Computer


  6. Posts : 812
    Win10
    Thread Starter
       #6

    What if Secure Boot detects a rootkit or a bootkit or a malware in the firmware before Windows loads?
    Will this mean my machine will be "BRICKED" and reinstall Windows?
    Because of that's the case, if Secure Boot detects any malware in the firmware, then my machine will not boot at all. Then what???

    How will I clean or remove a malware that modified the firmware?
    Will I need to reinstall Windows in this case or even replace the motherboard?

    Also, as some of you may know, Secure Boot can be bypassed by just resetting the UEFI Admin password and disable Secure Boot, but since I DO NOT travel with my laptop and only do computing from home, then will this be good enough?

    Thanks
      My Computer


  7. Posts : 494
    Win 10 Pro x64 versions
       #7

    UEFI bios infection is very rare and at present requires physical access to the machine in order to do so.

    To prevent such infections, Trend Micro advises users to enable the UEFI SecureFlash option, to set up a BIOS/UEFI password and to update the firmware to its latest version so that it has the latest security patches. UEFI/BIOS updates are usually distributed by computer manufacturers through their support websites and some of them do fix issues identified by security researchers.

    For more check the link below:

    Hacking Team's malware uses a UEFI rootkit to survive operating system reinstalls | PCWorld
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:06.
Find Us




Windows 10 Forums