Category Archives: Secure Boot

Long Trip From 26H1 To 25H2 On P16G3

Now that I have a Snapdragon X2 PC with a “REAL” version of Windows 11 26H1 installed, I no longer needed the “experimental” version on the Lenovo ThinkPad P16 Gen 3 Mobile Workstation. SO I decided to clean install Windows 11 Pro for Workstations 25H2 on that machine instead. Wow! Did I ever choose a wicked path to follow. It turned out to be a long, long trip from 26H1 to 25H2 on P16G3 (machine name for the afore-named ThinkPad). Buckle up!

Why Such a Long Trip From 26H1 To 25H2 On P16G3?

TLDR answer: Secure Boot foul-ups. After the install, I ran garlin’s Check_UEFI-CA2023.ps1 script on my ThinkPad P16 Gen 3, fully expecting the usual audit output I see on other Windows 11 machines. Instead, I got something that stopped me cold — a warning that certain Secure Boot certificate operations were blocked. The focus keyword here is Secure Boot Deployed Mode ThinkPad P16 Gen 3, and if you’ve landed on this post, you’re probably staring at the same bewildering output I was.

Here’s the short version: the machine was stuck in UEFI Deployed Mode — the strictest Secure Boot state in the UEFI specification. Windows reported Secure Boot as “On,” everything looked fine in Windows Security, and yet the Secure Boot certificate update operations the script needed to perform were completely blocked. No error. Just a quiet wall.

As it turns out, Lenovo began shipping 2024-and-newer ThinkPads — including the P16 Gen 3 — in Deployed Mode by default. That’s a deliberate policy change, not a quirk or a misconfig. And once I understood what it meant, the fix turned out to be a two-minute BIOS menu operation. Let me walk you through it.

What Is UEFI Deployed Mode, Exactly?

The UEFI specification defines four platform security modes, and it helps to know all of them before you go poking around in the BIOS.

Mode Platform Key (PK) DeployedMode Flag Can Modify Secure Boot Variables?
Setup Mode Not installed Off Yes — fully open
User Mode Installed Off With proper authentication
Audit Mode Not installed Off Yes — for testing only
Deployed Mode Installed On No — physical BIOS access required

Deployed Mode is the strictest of the four. The vendor’s Platform Key (PK) is installed, and a separate DeployedMode flag is set to active — which means no software running inside Windows, no matter how privileged, can touch the Secure Boot variables: PK, KEK, db, or dbx. The firmware physically refuses those writes. Therefore, any tool that tries to update Secure Boot certificates from within the OS is going to hit a hard stop.

Here’s the generational split that matters: ThinkPads from 2023 and earlier shipped in User Mode, where the PK is installed but the DeployedMode flag is off, leaving the certificate database accessible via authenticated software. The P16 Gen 3 — along with other 2024-and-newer Lenovo models — ships in Deployed Mode by design. That’s a meaningful architectural difference, and it’s why older tutorials and community scripts don’t account for it. [Source: Lenovo CDRT Docs — Guide to Secure Boot Modes]

Garlin’s Scripts Hit A Wall

Let me be clear: garlin’s PowerShell scripts are excellent community work. The Check_UEFI-CA2023.ps1 and Update_UEFI-CA2023.ps1 scripts are the most thorough tools available for migrating from the expiring 2011 UEFI CA to the 2023 UEFI CA. That’s a transition Microsoft is pushing hard as it tightens Secure Boot enforcement. However, they presuppose a machine in User Mode, where certificate variable writes are at least possible with the right credentials.

On a machine in Deployed Mode, that presupposition falls flat. The firmware’s DeployedMode flag instructs the UEFI runtime to reject all Secure Boot variable modifications originating from the OS environment — full stop. Garlin himself acknowledges as much: you can’t make certain changes while the vendor’s PK is in place and the DeployedMode flag is active. The scripts detect this condition and report it, which is exactly what I saw.

There’s a second layer to this on my specific machine. The P16 Gen 3 runs Windows 11 Pro for Workstations — a meaningfully different edition from Home, Pro, or Enterprise. Pro for Workstations ships with Virtualization-Based Security (VBS) and HVCI enabled by default and uses an edition-specific SkuSiPolicy.p7b file. In addition, it’s designed for domain and enterprise management workflows. The scripts were built around the more common consumer and business editions; Pro for Workstations introduces just enough architectural divergence that some operations require extra care. As a result, even if Deployed Mode weren’t in the picture, this wouldn’t be a straight plug-and-play situation.

The Fix: Exiting Deployed Mode via BIOS

Here’s what I did. The good news is that Lenovo provides a clean, supported path to exit Deployed Mode directly from the BIOS Setup interface — without clearing Secure Boot keys, without entering Setup Mode, and without reinstalling anything. The machine transitions from Deployed Mode to User Mode: the PK stays installed, Secure Boot stays on, and the OS-level certificate update path opens back up.

⚠ Warning — Read Before You Touch Anything

Do NOT select “Reset to Setup Mode” or “Clear All Secure Boot Keys” in the BIOS menu. Either action removes the Platform Key entirely, disables Secure Boot, and requires full manual key reinstallation to recover — a process that is very much not two minutes. If you’re unsure at any step, “Restore Factory Keys” is a safe fallback that gets you back to Lenovo’s shipped state.

Step-by-Step: Exit Deployed Mode on the ThinkPad P16 Gen 3

  1. Enter BIOS Setup. Restart the machine. Press F1 (or Fn+F1 if function-key lock is on) repeatedly at the Lenovo logo during POST. The ThinkPad UEFI BIOS Setup menu opens.
  2. Navigate to Security → Secure Boot . Use the arrow keys. You’re looking specifically for the sub-entries one level down.
  3. Select “Exit Deployed Mode.” This is the one you want. Confirm the action when prompted. This clears the DeployedMode flag only — the Platform Key remains installed and Secure Boot stays active. The machine moves from Deployed Mode to User Mode.
  4. Save and exit. Press F10 and confirm the save. The system reboots.
  5. Verify in Windows. Open msinfo32 (Win+R → msinfo32 → Enter). Under System Summary, confirm: Secure Boot State = On and Platform Mode = User Mode. Both should now read correctly.
  6. Re-run garlin’s Check script. Open an elevated PowerShell prompt and run Check_UEFI-CA2023.ps1 again. The Deployed Mode warning should be gone, and the script should now report actionable certificate update steps as intended.
💡 Tip

If “Exit Deployed Mode” doesn’t appear in your Key Management menu, confirm you’re running a current BIOS version. Lenovo has updated the P16 Gen 3 firmware several times since launch — older BIOS revisions may expose the option differently or label it under a slightly different path. [Source: Lenovo Support HT515493]

Bottom Line

The ThinkPad P16 Gen 3’s Deployed Mode is a feature, not a bug — Lenovo added it to give enterprise customers the highest available firmware integrity assurance right out of the box. Garlin’s scripts are genuinely excellent community tools for the Secure Boot CA 2023 migration, but they presuppose User Mode and a standard Windows edition. Alas, on the P16 Gen 3 running Pro for Workstations, those assumptions don’t hold without first making one BIOS menu change. That said, once you exit Deployed Mode and land back in User Mode, the standard Windows Secure Boot update path works exactly as intended — and the whole detour costs you about two minutes and one reboot.

One more thing: Garlin will tell you to edit the registry and run a scheduled Secure-Boot-Update task. Works on most Windows editions, but not on Pro for Workstations. Follow his advice, unless you’re running that version. I wasted hours until I figured out it just wouldn’t work. Sigh.

Facebooklinkedin
Facebooklinkedin

Lenovo PC SVNs Can Vary

I have multiple Lenovo machines in my office. This morning I was checking a ThinkPad P16 Gen 3 mobile workstation and a ThinkStation P3 Ultra desktop in the wake Patch Tuesday’s update. Both run Windows 11, with Secure Boot enabled. While poking around in their Secure Boot UEFI settings, I noticed something that stopped me cold. These two machines report different Secure Boot SVN values. Same vendor. Roughly the same generation. Same security feature switched on. So why the difference? As it turns out, the answer is genuinely interesting, and it matters if you manage a mixed fleet of Lenovo hardware. Bottom line: Lenovo PC SVNs can vary. Let’s explore…

How Is It That Lenovo PC SVNs Can Vary?

SVN stands for Secure Version Number — a monotonically increasing counter (meaning it only ever goes up, never down). It’s embedded directly in UEFI firmware. Its job is to record how many Secure Boot security revisions a device has seen over its lifetime.

Let’s distinguish the Secure Boot SVN from two things it often gets confused with. First, it is not the same as the Secure Boot DB/DBX (the UEFI allow-list and deny-list databases that control which bootloaders and drivers are trusted or revoked). Second, it is not the same as your plain BIOS version number. The BIOS version tracks firmware feature releases; SVN tracks security-policy changes.

The practical muscle behind the SVN is its rollback prevention. If a piece of firmware or a bootloader carries a Secure Boot SVN lower than the minimum value stored in non-volatile memory, the UEFI stack simply refuses to load it. That makes it much harder for an attacker to downgrade your firmware to a vulnerable older version — a classic attack vector the SVN is designed to close.

Lenovo P16 Gen 3 vs. ThinkStation P3 Ultra

The lead-in graphic shows the output from Garlin’s check script and the get-SecureBootSVN command on the P16. Here’s what I found on the P3 Ultra, by way of contrast and comparison:

For the P16 Gen3 SVN is 8.0; for the TSP Ultra, it’s 9.0. WTF?

My first instinct was that something was misconfigured. It was not. These two machines serve quite different market segments. The P16 Gen 3 is a mobile workstation, designed for road warriors and power users who demand both portability and security. The ThinkStation P3 Ultra is a compact desktop workstation, built for workstation-class compute in a fixed location, where stability and long-term reliability tend to trump rapid update cycles.

Critically, the two platforms ship from separate firmware engineering teams inside Lenovo, each running its own BIOS release cadence. ThinkPad-family machines — including the P16 series — have historically received more frequent UEFI updates, driven by the constant churn of mobile power-management tuning, thermal firmware, and rapid security patch integration. ThinkStation platforms, by contrast, follow a slower, more deliberate update cadence that prioritizes stability for long-running workloads. Neither approach is wrong. They just produce different Secure Boot SVN trajectories over time. This time, however, the usual order got stood on its head: the ThinkStation preceded the ThinkPad.

How the SVN Update Pipeline Works

To really understand the divergence, you need to know how the Secure Boot SVN update pipeline actually flows. It is a three-layer process, and each layer operates on its own schedule.

  1. Microsoft issues a Secure Boot policy change or DBX update. A concrete example: the revocation of vulnerable bootloaders tied to CVE-2023-24932 (the so-called BlackLotus UEFI bootkit vulnerability). Microsoft publishes updated Secure Boot DB and DBX payloads, and the associated policy mandates a new minimum SVN level.
  2. OEMs like Lenovo incorporate updated SVNs into a new BIOS/UEFI release. Here is where the divergence begins. Lenovo’s mobile and desktop firmware teams each pick up the Microsoft changes on their own schedules. The ThinkPad team typically ships updated BIOS builds faster; the ThinkStation team takes longer to validate the changes against its broader ISV (independent software vendor) compatibility matrix.
  3. Windows Update stages Secure Boot DB/DBX changes to end-user systems in controlled waves. Microsoft doesn’t push Secure Boot policy changes to every machine simultaneously. It uses a staged rollout — sometimes spanning months — so different machines in your fleet can legitimately sit at different SVN levels even if they have all received recent Windows updates.

One more wrinkle worth noting: Lenovo now pre-configures newer-generation machines from the factory with both the legacy CA 2011 and the new CA 2023 Secure Boot certificates already in place. Older units, however, need a BIOS update to pick up those 2023 trust anchors. That factory-level difference alone can produce an SVN gap between otherwise-similar machines.

ℹ️ Key Insight

SVN divergence across a mixed fleet is a normal artifact of the staged update pipeline — not a sign of a compromised or misconfigured machine. The goal is parity over time, not instant uniformity.

What Should You Do?

The good news is that remediation steps here are straightforward. Here is what I recommend:

  • Update BIOS/UEFI on all machines to the latest Lenovo-published version. Head to the Lenovo Support site (support.lenovo.com), search for your specific model, and grab the current BIOS update. For the ThinkStation P3 Ultra in particular, confirm the release notes explicitly mention CA-2023 certificate integration. Do not rely on Windows Update alone to deliver BIOS updates; go direct to Lenovo.
  • Verify CA-2023 is present in the Secure Boot DB using PowerShell. Run the following one-liner on each machine to confirm the 2023 trust anchor is actually installed:
[System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match ‘Windows UEFI CA 2023’

A result of True means the CA-2023 certificate is in the DB and your Secure Boot SVN should reflect the update. A result of False means the machine still needs the BIOS update or the Windows Update wave has not yet reached it.

  • For managed fleets, track SVN parity via Intune or MECM compliance policies. Build a compliance rule that surfaces machines whose Secure Boot SVN falls below your defined minimum baseline. That way you can proactively identify stragglers before 2026 certificate expiration forces your hand.

Bottom line: Secure Boot SVN divergence across a heterogeneous fleet of Lenovo machines is normal, expected behavior. It’s no red flag. The firmware update pipeline simply operates in waves, and different product families move at different speeds. What matters is establishing a consistent minimum Secure Boot SVN across all your machines well before the 2026 CA expiration deadline arrives. Start the BIOS update sweep now, and you’ll have plenty of time to close gaps without deadline pressure.

Facebooklinkedin
Facebooklinkedin

Post Patch Tuesday CA-2011 Certs Still Kickin’

Yesterday was Patch Tuesday, and I read about Secure Boot changes in that mix. I was curious to see if MS had revoked any CA-2011 boot certificates yet. You can see the post Patch Tuesday CA-2011 certs still kickin’, from the output of the Garlin check script (v.2026.06.08). So I went off looking, specifically to check expiration dates. Here’s what I found…

If Post Patch Tuesday CA-2011 Certs Still Kickin’, When Is Revocation?

I asked Google AI to tell me about expiration dates for the three Microsoft Secure Boot 2011 certificates. Here’s what’s coming down the pike:

  • Microsoft Corporation KEK (Key Exchange Key) CA 2011 expires June 24, 2026. Microsoft Corporation KEK 2K CA 2023 replaces that certificate going forward.
  • Microsoft UEFI CA 2011 expires June 27, 2026. Microsoft UEFI CA 2023 replaces it, and it’s used to sign 3rd-party bootloaders.
  • Microsoft Windows Production PCA 2011 expires on October 19, 2026. Microsoft UEFI CA 2023 also replaces this as well.
  • In addition, MS is adding the Microsoft Option ROM UEFI CA 2023 cert to the mix. As the name says, it’s used to sign third-party option ROMs.

Copilot confirms this info, and it’s also covered in an MS Support Note entitled “Windows Secure Boot certificate expiration and CA updates.”

Then End Is Near, But Not Yet Here…

Thus, it looks like MS has decided not to anticipate the two closest upcoming expiration dates, scheduled for the final Wednesday (6/24) and Saturday (6/27) of this month. I’d wondered about that. If MS issues a Preview CU for July on June 30 (as it often does) we may see it then. Stay tuned: I’ll keep you posted.

 

Facebooklinkedin
Facebooklinkedin

Explainer: Secure Boot Chain of Trust

Here’s an uncomfortable, seldom considered truth: your operating system isn’t the first thing that runs when you power on your PC. The firmware goes first. Then the bootloader. Then the OS kernel. Malware creators figured this out a long time ago. Get in early enough — before the OS loads — and you can own a machine invisibly, surviving reboots, reinstalls, and even antivirus scans. All this explains why the secure boot chain of trust is vital to modern Windows security.

The threat is real and it’s present right now. BlackLotus, a UEFI bootkit sold on criminal forums, made headlines in 2023 for bypassing Secure Boot on fully patched Windows 11 systems. BootHole exposed a critical flaw in GRUB2’s boot process that affected both Linux and Windows. PKFail (2024) revealed that dozens of device vendors had shipped products using a leaked “do not ship” test Platform Key — meaning the root of the entire trust hierarchy was compromised straight out of the box. Then, in January 2025, ESET researchers disclosed CVE-2024-7344: a Microsoft-signed UEFI recovery application that could silently load unsigned bootkit code — on any UEFI system, regardless of whether Secure Boot was enabled. Microsoft pulled the vulnerable binaries in the January 14, 2025 Patch Tuesday update.

Boot-time attacks aren’t theoretical. They’re happening. Under-standing Secure Boot’s chain of trust is the first step toward knowing whether your defenses are actually holding.

Understanding the Secure Boot Chain of Trust

Think of the chain of trust as a series of checkpoints at the border. Each checkpoint must vouch for the next before anything is allowed through. No vouching, no entry, and the boot process stops dead.

In technical terms: every component in the boot sequence verifies the digital signature of the next component cryptographically before handing off execution. The firmware checks the bootloader. The bootloader checks the OS kernel. The kernel checks drivers. If any link in that chain can’t be verified — wrong signature, no signature, a signature that’s been revoked — the process stops. Your PC refuses to proceed rather than run untrusted code. That’s the whole point. Always safe means never sorry, even if it also means a PC that won’t fire up and run.

The chain only works, of course, if the first link is trustworthy. That’s where the UEFI key hierarchy comes in.

The Key Players: PK, KEK, db, and dbx

UEFI Secure Boot manages trust through four interlocking databases baked into your firmware. Get familiar with them — they come up constantly whenever something goes wrong at boot time.

Key / Database Full Name Role
PK Platform Key Root of trust. Set by the hardware manufacturer. Controls who can update KEK.
KEK Key Exchange Key Authorized to update the signature databases (db and dbx).
db Signature Database Hashes and certificates of trusted bootloaders allowed to execute.
dbx Forbidden Signatures Database Revoked signatures and hashes. Anything here is blocked unconditionally.

The PK sits at the top. Your motherboard manufacturer owns it. Below the PK, the KEK authorizes who gets to update the lists of trusted and forbidden signatures. In practice, Microsoft functions as the de facto Secure Boot Certificate Authority for the consumer PC ecosystem. Nearly every machine you buy ships with Microsoft’s certificates pre-loaded in db — exactly why CVE-2024-7344 was so broadly dangerous. A legitimately Microsoft-signed binary became a usable attack vector!

Worth Knowing: PKFail and the Test Key Problem

In 2024, the PKFail vulnerability revealed that over 200 device models from multiple vendors shipped with a Platform Key originally marked “DO NOT TRUST” — a sample key from AMI’s reference firmware that was never meant to leave the lab. When your PK is public knowledge, the entire root of trust collapses.

How the Chain Is Created at Boot Time

Power on your PC, and here’s what actually happens — fast, invisible, and mostly taken for granted.

  1. The UEFI firmware initializes hardware and activates Secure Boot mode.
  2. The firmware reads the bootloader from the EFI System Partition and checks its signature against db. It also checks against dbx — if it’s there, execution stops immediately.
  3. The signed bootloader (Windows Boot Manager, for example) takes over and verifies the OS kernel’s signature using its own embedded certificates.
  4. The kernel loads and verifies signed drivers. On Windows, this is enforced through Driver Signature Enforcement — unsigned kernel-mode code is blocked by default.

Every handoff is cryptographically verified before it happens. Compromise any link — plant an unsigned binary, exploit a signed-but-vulnerable loader, sneak past a misconfigured dbx — and an attacker owns your machine below the OS waterline. That’s precisely the attack surface that BlackLotus, BootHole, and CVE-2024-7344 each exploited in different ways.

Maintaining a Strong Chain of Trust

Secure Boot isn’t a “set it and forget it” control. Maintaining a healthy chain of trust requires ongoing attention from both Microsoft and from you.

The most important maintenance lever is the dbx — the blocklist. When a bootloader is found vulnerable (as happened with a batch of 2011-era Microsoft-signed binaries in 2023, and again with the CVE-2024-7344 binaries in January 2025), Microsoft issues dbx updates through Patch Tuesday. Your firmware then refuses to execute those specific binaries even if they’re somehow placed on the system. Keeping Windows Update current is how those revocations reach your PC.

Firmware updates matter just as much. Vulnerabilities in the UEFI firmware itself require OEM-supplied updates delivered via Windows Update or manufacturer tools. The NSA and CISA have both issued guidance recommending that organizations periodically audit their Secure Boot configuration — confirming the correct keys are enrolled, the dbx is current, and no rogue Platform Keys are in place (a lesson PKFail drove home hard).

Complementing Secure Boot is the TPM’s Measured Boot capability. While Secure Boot enforces what can execute, Measured Boot records cryptographic measurements of everything that did execute into TPM Platform Configuration Registers (PCRs). Remote attestation tools can then verify those measurements after the fact. Think of Secure Boot as the bouncer at the door; Measured Boot is the security camera logging who actually got in.

Why the Chain of Trust REALLY Matters

Secure Boot isn’t perfect — BlackLotus, BootHole, PKFail, and CVE-2024-7344 all proved that. But “not perfect” is a long way from “useless.” It raises the cost and complexity of boot-level attacks significantly, and when the ecosystem keeps the revocation databases current, it closes known attack paths quickly.

Do yourself a favor: open System Information (msinfo32), find BIOS Mode (should read UEFI) and Secure Boot State (should read On). If either is wrong, fix it. Keep your firmware updated. Keep Windows updated. The chain of trust is only as strong as its weakest, most-neglected link — and that link is usually sitting right between the keyboard and the chair. Here in Windows-World keeping track of key security concerns is darned important. The Secure Boot chain of trust should be at the top of everyone’s list.

Facebooklinkedin
Facebooklinkedin

Another Toolset for Secure Boot Checks

Yesterday, I read my way through the latest AskWoody newsletter. In Susan Bradley’s article “Check Those Browsers” I found reference to Secure Boot checks: “If you merely need to run a script to check the UEFI KEK, DB, and DBX Secure Boot variables, you can use this one.” Because the source wasn’t directly named, I followed that link to access cjee21’s scripts entitled Check-UEFISecureBootVariables at GitHub. And there, I found another toolset for Secure Boot Checks — and a good one, too.

Why Grab Another Toolset for Secure Boot Checks?

You can (and probably should) visit GitHub to grab cjee21’s Check-UEFISecureBootVariables. At the time of writing it’s sitting at 226 stars and was updated two days prior — such active maintenance on a niche diagnostic utility is a good thing. This is the tool you want when your first question is “What do I actually have on this machine?”

Its orientation is forensic and inspection-first. It surfaces everything inside the UEFI Secure Boot variable store: PK, KEK, DB, DBX, event logs, and XML dumps of the full variable contents. Most people working a CA-2023 compliance problem have never actually looked at those variables directly. This tool makes that straightforward.

Two specific components stand out for CA-2023 work:

  • Check EFI file info.cmd — This is the direct answer to what Get-AuthenticodeSignature lacks. Point it at an .efi file and it explicitly tells you which CA signed it (CA-2011 or CA-2023), along with the SVN, SBAT level, and raw version data. That’s the specific question you must answer, and this specific tool answers it.
  • Scan ESP for revoked files.cmd — This one scans EFI binaries on a drive against the live Microsoft DBX revocation list. If you’re checking USB boot media for compliance — a Ventoy stick, a WinPE drive, a rescue environment — this is the fastest way to know whether anything on it has been revoked.

Don’t Forget the Garlin Scripts (ElevenForum)

Cjee21’s scripts show and tell you what you’ve got. Garlin’s ElevenForum Scripts tell you what to do about it. This pair of scripts: Check_UEFI-CA2023.ps1 and Update_UEFI-CA2023.ps1, are action-oriented where cjee21’s tool is inspection-oriented. At 38 GitHub stars it’s a smaller project, but it was updated approximately two weeks before writing and recent commits show active refinement, including a fix for a bug in SVN signature data ordering. The associated forum thread is VERY active, and usually gains 2-3 pages per day.

The workflow is deliberately linear and guided: run Check_UEFI-CA2023.ps1 to assess your current CA-2023 status, then run Update_UEFI-CA2023.ps1 to fix whatever it finds. The scripts source certificates from \Windows\System32\SecureBootUpdates and the official Microsoft Secure Boot Objects repository, so you’re not pulling from unofficial or unverified sources.

A few things make the Garlin scripts especially helpful:

  • USB removable media support — It handles boot file updates for USB recovery media like Macrium Reflect drives and similar tools. This is a gap that most documentation quietly ignores.
  • Broader architecture coverage — x64, x86, arm64, and arm are all supported, which gives it wider applicability than you might expect from a community script.
  • Accessible for non-specialists — The guided, opinionated workflow means you don’t need deep UEFI expertise to use it. The script makes the decisions; you confirm them.

Complementary, Not Competitive

Again: the cjee21 scripts show you what’s what with Secure Boot on a Windows PC, at a deep level of detail. More than many of us want to know, in fact. The Garlin scripts tell you what to do about your current status, and help you set things right on installed systems and for bootable media.  A great combination, well worth exercising. Give them a try, if you haven’t already.

Facebooklinkedin
Facebooklinkedin

MCT Now Delivers CA-2023 Bootloader

There’s the thing about working in Windows IT long enough.  You develop a finely tuned instinct for when something sounds simple but absolutely isn’t. Microsoft has been gradually rolling out Secure Boot CA-2023 support, and the boots-on-the-ground question I needed to answer was about as plain-English as it gets: is the bootable USB drive sitting on my desk actually CA-2023 compliant, or not? A yes-or-no question. It took me a while, but I finally got the answer: As of 4/30/2026, MCT now delivers CA-2023 bootloader and compliant WIM (or, in this case, “split WIM” aka .swm) files.

Determining That MCT Now Delivers CA-2023 Bootloader

At first, I got sidetracked by Copilot. It recommended the PowerShell command Get-AuthenticodeSignature to check status. Alas, the bootloader is “dual-signed” which means it’s signed with BOTH CA-2011 AND CA-2023 certificates. And because the 2011 gets picked up first, the PS command reports it ONLY as signed with the older certificate. It was indeed signed with CA-2023 (and compliant) but my check couldn’t tell me that. Sigh.

So I changed gears and used Garlin’s wonderful (and entirely accurate) Check_UEFI-CA2023.ps1 script from ElevenForum. You can see its output in the lead-in graphic. In a nutshell, it shows the USB stick as CA-2023 compliant. Flo6 ditto, with CA-2011 revoked.

But First, You Must Be Punished…

I dithered around with Copilot for an hour or so trying to “replace” the CA-2011 bootx64.efi file with a CA-2023 compliant version. Until I switched to the Garlin script, I didn’t realize already WAS CA-2023 compliant. That’s when I figured out that indeed MCT now provides CA-2023 compliant bootloaders and image files.

How so? That definitive answer comes from the afore-named PowerShell diagnostic script  — a tool specifically designed to tell you, clearly and unambiguously, whether your Windows system and its boot media are CA-2023 ready. The syntax for that check is:

.\check_UEFI-CA2023.ps1 -bootmedia -verbose

My recommendation: run the Check_UEFI… script to check your system, and bootable USBs. Even if you’re confident that your MCT media is fresh and your system is current, Garlin’s script is the only way to get a clean yes-or-no on your specific configuration. Think of it as the verification step that turns “I think I’m good” into “I know I’m good.”

Between MCT now generating compliant media by default and a trustworthy diagnostic tool available to confirm it, the CA-2023 story is getting meaningfully less murky. We’re not all the way there yet — but for once, things are actually trending in the right direction. I’ll take it. Here in Windows-World, that’s about as good as it gets!

 

 

 

Facebooklinkedin
Facebooklinkedin

Making Boot/Recovery Media CA-2023 Compliant

OK, I confess. I’m more than a little OCD in keeping my Windows PCs updated. That applies to Secure Boot as much as anything else. And recently, in bringing my mini-fleet here at Chez Tittel up to snuff, I’ve found myself with old boot UFDs and current PCs. Yesterday, I blogged about that in a post about  “Checking Boot/Recovery Media…” Today, in reading the ElevenForum threads I learned that Garlin’s check script now includes boot media status. I also learned how to make my dozen or so bootable UFDs current.

Bootloader Is Key: Making Boot/Recovery Media CA-2023 Compliant

As you can see in the lead-in graphic the file named bootx64.efi is key to compliance. If the file is signed with CA-2023, it’s good; if it’s signed with CA-2011; it’s banned. Fortunately replacing a banned file with the good version is pretty straightforward. But because Windows doesn’t keep the C:\Windows\Boot\efi folder synched to what’s actually in the EFI partition, boot files are best garnered from the latter, not the former.

The steps in the process to provide a CA-2023 signed bootx64.efi therefore go best as follows:
1. Mount the EFI partition as an accessible drive: mountvol /S S:
2. Rename the existing UFD file to .old:
rename g:\efi\boot\bootx64.efi bootx64.old
3. Copy the CA-2023 bootloader into place:
copy S:\efi\boot\bootx64.efi to G:\efi\boot\bootx64.efi
4. Unmount the EFI partition for cleanup:

Note: On Macrium Reflect rescue disks you want to copy the CA-2023 version of bootx64.efi onto bootmgfw.efi instead.

Check Your Work: Run Garlin Script

You can use the latest version (be sure to download before use) of the Garlin Check_UEFI-CA2023.ps1 script to check your work. The correct syntax for this invocation reads (be sure to Unblock in advance):

.\check_UEFI-CA2023.ps1 -bootmedia -verbose

If all goes well the output should (nearly) match what you see in the lead-in graphic. If status shows BANNED, not ALLOWED, then the bootloader is signed with CA-2011, not CA-2023.

It’s pretty easy to fix, though. Hopefully you can do what I just did and bring all of your boot media into compliance. Cheers!

Facebooklinkedin
Facebooklinkedin

Checking Boot/Recovery Media CA-2023 Status

Here’s an interesting consequence of the switchover in the Secure Boot chain of trust from CA-2011 to CA-2023. Once that occurs, you can’t boot from install, repair and recovery media that doesn’t support CA-2023. The PC firmware will reject it as “non-compliant.” What that means is with the revocation of CA-2011 upcoming in June, it’s time to start checking boot/recovery media CA-2023 status. When you can, it’s also time to replace older non-compliant media with newer, compliant versions.

I had Copilot write me a PowerShell Script that did 3 key things:
1. It checked to make sure drive G: (default letter for my UFDs) was present and accounted for
2. It showed me the top-level directory so I could see what I was dealing with (handy to distinguish installers, repair tools, etc.)
3. If it found EFI files, it reported Yes/No on their CA-2023 compliance.

After Checking Boot/Recovery Media CA-2023 Status, Then…?

The TL;DR answer to this question is: replace it if needed, keep it otherwise. I also used this opportunity to label my UFDs so I would know what I had in the future. I found all kinds of interesting stuff, including:

  • An MSI flash drive for my “new” MAG Tomahawk B550 mobo, a UEFI updater for v 2.90 on the ASRock B550 Extreme4+
  • Multiple Macrium Reflect and Hasleo Backup Suite rescue UFDs
  • A copy of the Windows DaRT (Diagostics and Recovery Toolset)
  • Multiple Windows Installer UFDs, mostly via MCT, some from UUPDump

Here’s the interesting thing: NONE of these items is CA-2023 compliant. Copilot says, in fact, that MS has not yet released an installer or repair ISO that includes the CA-2023 boot files in the EFI partition (see lead-in graphic bottom portion). I’d planned to update my dozen or so bootable UFDs today if I could. Looks like I’ll be waiting a while…

Key Takeaway

If you revoke CA-2011 support on any or all of your Windows PCs, you put yourself in the position of having to go into UEFI and turn off Secure Boot sometimes. When might that be? Whenever you want or need to use media to boot that PC for repair, recovery or installation. Good to know! That’s not the kind of thing I’d like sprung on me as a total surprise. Bet you feel the same way, too…

Facebooklinkedin
Facebooklinkedin

Pondering UEFI Updates

I’m still getting settled in with my new production desktop environment. ICYDK, it’s built around an MSI MAG Tomahawk B550 mobo, with Ryzen 5800X, NVIDIA 3070Ti GPU, and 64GB DDR4 RAM. This morning, I started digging into the MSI Center app that orchestrates other system utilities, and handles updates for drivers and firmware. In my investigation, I discovered a “new” update for the mobo firmware. In turn, that has me pondering UEFI updates.

Where Does Pondering UEFI Updates Take Me?

I had to figure out that MSI’s once-standalone “Live Update” utility now sits beneath its top-level Support tab (top middle of option bar in the lead-in graphic). Then I had to figure out that UEFI updates appear only when one clicks the “Advanced” button, rather than the more pedestrian “Scan” button (which scans only for driver updates).

As  you can see in that graphic, the company shares its guidance in eye-catching red text at the head of the MB BIOS list. That guidance reads: “MSI does not recommend to update BIOS when system has no issue” in somewhat fractured English. However rough the wording might be, the guidance is still pretty good. Let me explain…

If It Ain’t Broke, Don’t Fix It!

The reason why I recently rebuilt my Flo6 desktop stemmed from UEFI problems with the previous ASRock B550 Extreme4 mobo. It kept sticking halfway between Secure Boot old/updated data sets. That resulted in extreme boot requirements, when I might sometimes have to reset CMOS just to get the PC to boot.

Most of the time I had to shut it down, and cut power, then wait a while to bring it back to life. That went on for weeks before I made the switch to the MSI board. Since then, boot and update operations have been blissfully boring. Things just work, and I can use all of the various boot options and related keyboard options to do exactly what I want.

Reading over Copilot’s summary of what UEFI v2.A0 brings me, as compared to the running v2.90, I don’t see anything I need. Nor do I see anything that would improve Flo6’s currently rock-solid and dependable, fully caught-up Secure Boot Status.

Hence my decision: I’m not going to update. Nothing is causing problems. Everything is working dependably and reliably. Secure Boot is golden. This time, I’ll pass… Maybe next time?

Facebooklinkedin
Facebooklinkedin

Windows Security Checks Secure Boot

I just read at WindowsLatest that the Windows Security app now includes a Secure Boot check beneath its Device Security left-column head. I checked all of the PCs in my office to make sure (7 of them). Sure enough. each now lists Secure boot amidst its elements. As the aforelinked story shows, when Windows Secure checks Secure Boot status it uses one of three visual symbols as quick indicators:

  • Green checkmark indicates Secure Boot is basically OK. There’s more going on here than meets the eye, as I’ll explain later.
  • Yellow exclamation (warning) indicates Secure Boot is running but the latest certificate (CA-2023) is not yet in place or use.
  • Red X (stop sign, error/problem) indicates the device cannot receive required updates to keep the Windows boot process secure.

Why Windows Security Checks Secure Boot Now

Microsoft added this new entry because Secure Boot certificates from 2011 are expiring in 2026. Thus, Windows needs a user‑visible way to show if a device has received the updated 2023 certificates. Up to now, Secure Boot status was invisible unless users dug into UEFI or used PowerShell.

But with certificates — CA-2011, specifically –expiring, Microsoft now needs some way to:

  • Tell users whether their system is still protected
  • Indicate whether the new certificates have been applied
  • Warn users if action is required (firmware update, OEM tool, etc.)
  • Provide a simple green/yellow/red indicator instead of forcing people to inspect UEFI variables

That makes the new Secure Boot section in Windows Security  essentially an approachable, easy-to-grasp health dashboard for the certificate update.

It’s Not as Easy as It Looks?

The WindowsLatest story shows the same green checkmark text as the lead-in graphic for this story. But when I checked a couple of my other machines, I saw something different. Here ’tis:

Note the difference in the text output here. Even though both forms proffer the green checkmark to denote Status=OK, the first one reads “Secure Boot is on and all required certificate updates have been applied. No further certificate changes are needed (bold emphasis mine).” However, the second one simply says “Secure boot is on, preventing malicious software from loading when your device starts up.”

The second doesn’t say “No further certificate changes are needed.” At first, I thought the difference might be that on some PCs the CA-2011 certificate had already been revoked (all OK PCs must have the CA-2023 cert installed, in use, and recognized in the boot loader to qualify for that status). But on one PC with the simpler message, the CA-2011 certificate shows revoked (it’s in the UEFI DBX Certs database, which means it’s blocked). And on the other PCs with the “no further” language the CA-2011 certs are still enrolled (they’re in the UEFI KEK and UEFI DB databases, and NOT in the UEFI DBX database).

So I’m still wondering exactly what’s going on here, and what MS is trying to tell us with these two different OK messages. I’ll keep digging and write more when I find or figure out what’s going on. A sense of mystery, and a willingness to suspend resolution pending necessary information, are familiar sensations in Windows-World. The plot thickens…but I hope, not too much!

Added 1 Hr Later: Word from the Top

I corresponded with Garlin himself on ElevenForum, and at his suggestion, ran his update_UEFI-CA2023. script on the P16G3. That brought all the DB certs into the UEFI DB (including Option ROM and Windows UEFI). It still shows VBS policy as missing. But it turns out that by running .\Update_UEFI-CA2023 -SkuSiPolicy and rebooting, I can take care of that. Here goes … another reboot. Now the Garlin check script gives the P16G3 a completely clean bill of health, but I still get the short message. Very interesting!

 

 

Facebooklinkedin
Facebooklinkedin