Intel Provides Fix for Windows 8.1 Secure Boot Issue

Softpedia reports that Intel has provided a simple workaround regarding an error after updating to Windows 8.1 that reads "Secure Boot isn't configured correctly." This message reportedly appears on the desktop as a watermark, and is one of the more common errors encountered when upgrading to the new OS.

Microsoft previously suggested that inflicted users check to see if Secure Boot has been disabled in the BIOS, and if so, then re-enable it. If that doesn't work, then reset the BIOS back to factory settings, or if that doesn't even work, reset the PC back to its original factory state and then re-enable Secure Boot.

"To determine which of these is the problem, you can check the event logs. Go to View Event Logs > Applications and Services Logs > Microsoft > Windows > VerifyHardwareSecurity > Admin, and look for either of these logged events: 'Secure Boot is currently disabled. Please enable Secureboot through the system firmware. (The PC is in UEFI mode and Secure Boot is disabled.)' or 'A non-production Secure Boot Policy was detected. Remove Debug/PreRelease policy through the system firmware,' the company explained.

However, as Softpedia points out, many computers do not have a Secure Boot option in their BIOS menus, so Microsoft's fix won't make much sense. Luckily, Intel has the correct solution: simply reboot the device, enter into the BIOS mode, and access the secure boot options menu. Enable secure boot (if disabled), check on the option that says "Install Intel platform key," press F10 to save the changes and restart the system.

Of course, that doesn't solve the issue for those who don't see a Secure Boot option. These users are suggested to install the latest BIOS update.

Follow us @tomshardware, on Facebook and on Google+.

This thread is closed for comments

28 comments

Comment from the forums

Your comment

bak0n

Had to roll a laptop back to 8 today due to 8.1. Boy how I wish 7 on my laptops..
smeezekitty

Secure boot sucks
tpi2007

"However, as Softpedia points out, many computers do not have a Secure Boot option in their BIOS menus, so Microsoft's fix won't make much sense. Luckily, Intel has the correct solution: simply reboot the device, enter into the BIOS mode, and access the secure boot options menu."

The paragraph above doesn't make any sense. Proof-reading is needed.

People who wish to have secure boot disabled in the BIOS have to endure being bullied by Microsoft with a watermark they can't remove unless they completely turn off the UAC. It's not like the software is not legitimate to warrant a watermark being displayed at all times, just make it an Action Center message that the user can turn off, just like Anti-virus related messages. This is just Microsoft flexing it's monopolistic muscles to bully consumers into doing what they want instead of providing flexibility and freedom of choice.
SteelCity1981

just one more reason why I have no intentions of upgrading to windows 8.x from windows 7.
Old_Fogie_Late_Bloomer

I deliberately disabled Secure Boot (as in "Security chip is hidden and is not functional") in my ThinkPad to avoid the possibility of some OS (specifically, Windows 8.x) bricking my (primarily Windows 7) laptop. You're telling me if I want to update my rarely-used 8 partition to 8.1, I'm gonna have to deal with the OS nagging me about a lack of Secure Boot option?

What...I don't even...
jimmysmitty

919443 said:

Secure boot sucks

SO a feature of an OS that keep viruses from wreaking havoc on the MBR and OS is a bad thing?
unksol

113832 said:

"However, as Softpedia points out, many computers do not have a Secure Boot option in their BIOS menus, so Microsoft's fix won't make much sense. Luckily, Intel has the correct solution: simply reboot the device, enter into the BIOS mode, and access the secure boot options menu." The paragraph above doesn't make any sense. Proof-reading is needed. People who wish to have secure boot disabled in the BIOS have to endure being bullied by Microsoft with a watermark they can't remove unless they completely turn off the UAC. It's not like the software is not legitimate to warrant a watermark being displayed at all times.

I was just about to quote it and you beat me.

"Microsoft said go into bios and and go to secure boot, but if you don't have that option Intel says the exact same thing: go into bios and secure boot. But since Intel said it not Microsoft it will magically appear!"

Seriously though... Then you go off on UAC? And over a watermark not an annoying message? Come on. Anyone who knows or cares what a watermark is would IMMEDIATELY turn off UAC after the install. UAC.is just idiot proofing and the idiots don't read the messages anyway.
jimmysmitty

113832 said:

"However, as Softpedia points out, many computers do not have a Secure Boot option in their BIOS menus, so Microsoft's fix won't make much sense. Luckily, Intel has the correct solution: simply reboot the device, enter into the BIOS mode, and access the secure boot options menu." The paragraph above doesn't make any sense. Proof-reading is needed. People who wish to have secure boot disabled in the BIOS have to endure being bullied by Microsoft with a watermark they can't remove unless they completely turn off the UAC. It's not like the software is not legitimate to warrant a watermark being displayed at all times, just make it an Action Center message that the user can turn off, just like Anti-virus related messages. This is just Microsoft flexing it's monopolistic muscles to bully consumers into doing what they want instead of providing flexibility and freedom of choice.

That's only if you have secure boot enabled when installing. If you install it without it on you wont have that.

As well, who would not want to have secure boot enabled? Its a great feature and as long as you know how to use it properly it keeps a lot of threats away.
unksol

113772 said:

I thought THG hired proof readers and fact checkers a long time ago... might be time to hire some more.

I HAVE to assume you are trolling. Where have you been? The rampant spelling and grammar errors that are never fixed are a fundamental part of Toms hardware news.

More unforgivable is the hysteria they stir up by providing false info in their attempts to plagiarize other sites, their disingenuous titles, and them just not understanding what they read.

You really need to get used to going to their "source" to see what was really said. If you rely on Toms "reporters" you'll get constant incorrect info.
smeezekitty

149725 said:

919443 said:

Secure boot sucks

SO a feature of an OS that keep viruses from wreaking havoc on the MBR and OS is a bad thing?

Not allowing people to install the OS of their choice is a bad thing.
This is clearly to tighten the grip of their monopoly. And malware developers are always one step ahead anyway.

Not being able to boot any code of choice is a disturbing premise.
unksol

919443 said:

149725 said:

919443 said:

Secure boot sucks

SO a feature of an OS that keep viruses drink wreaking havoc on the MBR and OS is a bad thing?

But allowing people to install the OS of their choice it's a bad thing. This is clearly to tighten the grip of their monopoly. And malware developers are always one step ahead anyway Not being able to boot any code of choice is a disturbing premise.

Look I like a illiterate moron as much as the guy. But seriously? A MICROSOFT water mark that COULD accept windows but no other OS. SERIOUSLY
smeezekitty

564915 said:

919443 said:

149725 said:

919443 said:

Secure boot sucks

SO a feature of an OS that keep viruses drink wreaking havoc on the MBR and OS is a bad thing?

But allowing people to install the OS of their choice it's a bad thing. This is clearly to tighten the grip of their monopoly. And malware developers are always one step ahead anyway Not being able to boot any code of choice is a disturbing premise.

Look I like a illiterate moron as much as the guy. But seriously? A MICROSOFT water mark that COULD accept windows but no other OS. SERIOUSLY

Your post literally makes absolutely not sense. And you somehow royally screwed up the quotes to boot.
opmopadop

"Your post literally makes absolutely not sense."

I don't think he will get it, but nice ;-)
xiinc37

I don't get all the hate over secureboot. Are you booting windows? Turn it on. Are you booting something else? Turn it off. ??????????????
smeezekitty

Well if Windows 8.1 already has a permanent nag about it, I am concerned the next version (Win 9?) will not be able to boot without it at all.

That would break compatibility with lots of older systems + make dual booting a pain.
mariusmotea

IT seniors learn me to never purchase a new version release or to be the first that make an major update on Microsoft products. Few days ago Surface users brick devices when updating to 8.1 and now this.
I like my solution better. I just traded my lousy Windows 8 machine in for some cash and went back to using my Windows 7 PC. Problem solved.
back_by_demand

Octacon "I thought THG hired proof readers and fact checkers a long time ago"

Really? If they hired proof-readers ever they have paid too much and as far as fact checkers does blatant copy/paste articles from "The Onion" count?
glitch20

Grammar trolls on a rampage preying on Indians I'm guessing ^_^
glitch20

Grammar trolls on a rampage preying on Indians I'm guessing ^_^
cornandbeans

Just enable secureboot in UEFI and it will be gone. No big deal. Windows 8 haters should get out
milktea

@smeezekitty
I share the same concern with you.
If UEFI Secure Boot becomes mainstream and widely accepted in the future, Microsoft might want to use that to their advantage and lock in the Secure Boot to the PC hardware and software/OS.

From MS technet Secure Boot FAQ...
http://technet.microsoft.com/en-us/library/hh824987.aspx
MS has already lock in all the ARM-based PC to Windows RT. So the users have no choice to re-install other OS. So people who love to tweak their PC are locked into x86 systems; ARM based is out of the question.
ethanolson

It looks like Intel read the UEFI Secure Boot tutorial in Tom's How-to forums. That's good. I'm glad to see that Tom's is a valuable resource for all.
pjmelect

I didn't have this problem when I tried Windows 8.1 on a computer that did not have secure boot in the BIOS, I did however have a lot of driver problems with drivers that did work with Windows 8.0.
As for the operation of Windows 8.1 it is worse than windows 8.0 with many minor changes that only serve to annoy.

Display All 28 comments

Display more comments

Shuffles at Intel as 5G Exec Departs, Volkswagen VP Joins Company

Too Hot to Last? Investigating Intel's Claims About Ryzen Reliability

How to Get Windows 10 for Free (or Under $30)

Intel Cancels Omni-Path 200 Fabric and Stops Development