Frequently Asked Questions for Secure Boot

Last Reviewed: 19-Jul-2017
Article ID: 000006942

What is Secure Boot?
Secure Boot is one feature of the latest unified extensible firmware interface (UEFI) 2.3.1 specification (Errata C). The feature defines an entirely new interface between operating system and firmware/BIOS.

When enabled and fully configured, Secure Boot helps a computer resist attacks and infection from malware. Secure Boot detects tampering with boot loaders, key operating system files, and unauthorized option ROMs by validating their digital signatures. Detections are blocked from running before they can attack or infect the system.

How does Secure Boot work?
Secure Boot works like a security gate. Code with valid credentials gets through the gate and executes, but code that has bad credentials, or no credentials, is blocked at the gate and rejected.

Intel® Desktop Boards embed the default Secure Boot keys for Windows 8*. These boards, and required BIOS versions, have been tested and passed the Windows Hardware Certification Kit (WHCK) for Windows 8. The WHCK reports for Intel Desktop Boards are available at Microsoft Windows Hardware Quality Labs (WHQL/WHCK) information.

For information on creating Secure Boot keys, refer to Deploying Secure Boot: Key Creation and Management.

Related topics
UEFI Specification 2.3.1, Errata C
Delivering a secure and fast boot experience with UEFI
Microsoft Developer Network (MSDN)—search for keyword "Secure Boot"
UEFI Learning Center

This article applies to:

Discontinued Products

Intel® Desktop Board DQ33HS
Intel® Desktop Board D945GZCC2
Intel® Desktop Board CA810E
Intel® Desktop Board DQ963GS
Intel® Desktop Board D845PECE
Intel® Desktop Board D815EFV