Secure Boot

Secure Boot

Secure Boot is a security feature that prevents malicious software (malware) from running when a PC starts up. It performs a series of checks during the boot sequence that ensures only trusted software is loaded.
When Secure Boot is enabled, the firmware checks the signatures (the verified origins) of all software that loads during the boot process. If all signatures are valid, the PC loads the operating system. If one or more signatures cannot be verified, the boot process is halted, preventing any malicious software from running.
Windows 11 can only be installed on Secure Boot-capable PCs with a TPM chip and UEFI support. However, it is possible to disable the Secure Boot feature.
Verifying Secure Boot
You can check if Secure Boot is enabled on your Windows PC by following these steps:

Click the Windows icon in the task bar or press the Windows key.
Type msinfo32 and press Enter.
The System Information window will open. Make sure System Summary is selected in the left sidebar.
Look for Secure Boot State in the right section of the window and make sure the value is On.

The BIOS Mode must be set to UEFI for Secure Boot to be enabled. If it is set to “Legacy,” you may be able to switch to UEFI mode by holding the F2 key during startup to load the BIOS. If your computer supports UEFI, you can switch from Legacy BIOS to UEFI mode. The same interface allows you to enable and disable Secure Boot.
Neither Windows 10 nor Windows 11 require Secure Boot to be enabled. However, it is wise to leave it on to prevent unwanted software, such as ransomware or spyware, from loading at startup.

Updated December 11, 2021 by Per C.

APA
MLA
Chicago
HTML
Link

https://techterms.com/definition/secure_boot

Copy