https://www.verboon.info/tags/secure-boot/Recent content in Secure-Boot on Anything About ITHugoen-usFri, 11 Jan 2013 14:22:06 +0000https://www.verboon.info/2013/01/how-to-check-the-status-of-bios-uefi-secure-boot-with-powershell/Fri, 11 Jan 2013 14:22:06 +0000https://www.verboon.info/2013/01/how-to-check-the-status-of-bios-uefi-secure-boot-with-powershell/<p>During the past weeks I spend a bit of time deploying Windows 8 to UEFI enabled clients. With PowerShell 3.0 on Windows 8 you will find some <a href="http://technet.microsoft.com/en-us/library/jj603042.aspx">new cmdlets</a> that provide information about the status of your system’s BIOS/UEFI/Secure boot configuration.</p> <p>The below table shows the return values depending on whether the system’s firmware is using BIOS, UEFI and if Secure boot is enabled or not.</p> <p> </p> <pre><code> **BIOS / UEFI Setup** BIOS UEFI with CSM UEFI native Secure boot enabled UEFI native Secure boot disabled **PowerShell Command** Result Confirm-SecureBootUEFI Cmdlet not supported on this platform False True False Get-SecureBootUEFI –Name SetupMode Cmdlet not supported on this platform 1 0 1 Get-SecureBootUEFI –Name SecureBoot Cmdlet not supported on this platform 0 1 0 Executing any of these cmdlets on a Windows 8 system that uses BIOS generates an error. </code></pre> <p>The return value of the SetupMode variable tells us if the system is operating in Setup mode or in UserMode meaning that the platform key is enrolled. (For more details read the Firmware/OS Key Exchange: creating trust relationships chapter within the UEFI Specification that can be found <a href="http://www.uefi.org/specs/">here</a>)</p>