8 Replies Latest reply on Mar 12, 2013 11:19 AM by medeirosdez

    How to enable UEFI secure boot Windows 8 DH77DF


      I did the Windows 8 UEFI install on DH77DF.  Now I cannot figure out how to enable secure boot.


      The method described here: http://communities.intel.com/community/vproexpert/blog/2012/06/26/microsoft-windows-8--enabling-secure-boot does not apply on DH77DF, as I could not find Security -> Secure Boot entry in DH77DF's bios setup.


      When I run confirm-SecureBootUEFI in elevated Power Shell, I got the following error message:


      Confirm-SecureBootUEFI : Variable is currently undefined: 0xC0000100

      At line:1 char:1

      + Confirm-SecureBootUEFI

      + ~~~~~~~~~~~~~~~~~~~~~~

          + CategoryInfo          : ResourceUnavailable: (Microsoft.Secur...BootUefiCommand:ConfirmSecureBootUefiCommand) [Confirm-SecureBootUEFI], StatusException

          + FullyQualifiedErrorId : GetFWVarFailed,Microsoft.SecureBoot.Commands.ConfirmSecureBootUefiCommand

        • 1. Re: How to enable UEFI secure boot Windows 8 DH77DF

          According to ARK | Intel® Desktop Board DH77DF your MB lacks the TPM module, so no Secure Boot capability for you.

          • 2. Re: How to enable UEFI secure boot Windows 8 DH77DF

            Actually DH77DF supports secure boot.  Bios 102 corrected this bug.  Now confirm-SecureBootUEFI returns true after enabling secure boot and generation of key in bios.  Meanwhile "UEFI boot fails if video optimization is enabled" bug is also fixed.

            • 3. Re: How to enable UEFI secure boot Windows 8 DH77DF

              Yes, there was also a new bios released for my DZ77GA-70K yesterday that adds Secure Boot options.

              I chatted with Intel yesterday and asked if my motherboard has Secure Boot.


              I was told: "I believe that if UEFI is enabled in the BIOS then UEFI Secure Boot is enabled automatically."

              and "I believe it has Secure Boot because it is a 7 series motherboard".


              I thought that he is probably right but then 2 hours later i noticed that there is a new BIOS version out and that there was settings to turn "Secure Boot" ON. Which makes me think that the previous BIOS did not have "Secure Boot" at all, since there was no settings for it. Or maybe it was there and was turned ON when enabling "UEFI Boot", like he told me.


              I saw on Twitter that that Intel twitted these links related to Secure Boot:


              mjg59 | An overview of our Secure Boot implementation

              mjg59 | A detailed technical description of Shim

              • 4. Re: How to enable UEFI secure boot Windows 8 DH77DF

                if you enable secure boot, legacy boot gets disabled.

                On my DZ77BH-55K if Legacy boot gets disabled the computer will not POST, it just beeps twice with a blank screen. Even without enabling Secure Boot, as long as Legacy Boot is Disabled, the computer wont POST, it just beeps with a blank screen.

                Note My Windows 7 and Windows 8 are both installed using UEFI (GUID\GPT Partition), and I still get the same no POST with Legacy Boot Disabled.

                • 5. Re: How to enable UEFI secure boot Windows 8 DH77DF

                  Same here. I posted it yesterday: DZ77GA-70K 0057 BIOS


                  I turned off Legacy Boot and the nVidia card did not work. Using IGP worked.

                  I had to hold down power button for 3 seconds and release, do get back into bios settings.


                  I will report issue to Intel now. I hope you will report too.


                  Live Chat Support


                  Edit: I chatted with Intel but it did not went so well. He told me "We only recommend to flash bios if there is something you really need."

                  I told him that Legacy and Secure Boot options are broken, and i want to report it. He told me i have to contact Intel in the UK because i live in Europe.

                  So i will contact them again tomorrow but earlier. Maybe i will get connected to some better representative at Intel support, this one did not understand me.

                  • 6. Re: How to enable UEFI secure boot Windows 8 DH77DF

                    I usually get the same response from Intel, seems they're soo used to troubleshooting, they don't take feedback on bug reports, and assume everything on there end is perfect, it must be the user with a problem. I wish there was an e-mail address or phone number where we could report bugs that need to be fixed, issues that aren't a user caused problem, but rather a bug in there bios\hardware and we just want to report it to them, so it can be fixed.

                    • 7. Re: How to enable UEFI secure boot Windows 8 DH77DF

                      Usually when you phone to Intel you get a bit better support. When i chat with Intel they usually tell me that nobody else has reported the same problem and they like to troubleshoot like you said. When i call them by phone sometimes they tell me that they are aware of the problem. But the problem is that when i call the number for my country i just get redirected to the UK and they don't understand my English so well so i prefer to chat with them.


                      I chatted with them again now and asked if Secure Boot requires a TPM chip on the motherboard.


                      The reply was:

                      As far as I know Secure Boot does not require TPM.  I believe that if the motherboard comes with UEFI boot then Secure boot will work.


                      What i don't like about Intel support is that they almost never visit this forum. A few people in here reported Secure Boot issue but Intel chat support told me they have no reports on that.


                      I talked to some other support guy earlier tonight and he told me "Secure Boot is a Windows 8 feature, so contact Microsoft about the issue". I tried to tell him that the issue is a BIOS issue, not a OS issue but seems he did not care, he just told me to call Intel by phone and report the problem there.


                      So.. Based on my overall experience i would rate Intel chat support 3.5, on a scale from 1-5.

                      • 8. Re: How to enable UEFI secure boot Windows 8 DH77DF



                        I have the answer for your problem, sir.


                        You cannot enable "Video Optimization" under "Fast Boot" options if using UEFI and you cannot boot without "Legacy Boot" enabled if the following is not true:


                        - You must have an UEFI enabled firmware for your graphics card.


                        Only 600 series nVidia cards support UEFI firmware, and, for what I know, EVGA cards don't even ship with such firmware. I don't know what about other manufacturers. However, if you contact EVGA support, they have publicly said they will be glad to provide you with UEFI firmware that you can easily flash yourself.


                        Intel support staff are not aware of that issue due to lack of training and technical knowledge.


                        Have you ever heard that if you want a graphics card recognized and working on Macintosh you need a special card? It's all about firmware. Mac edition cards come with EFI firmware. New UEFI PC's need UEFI firmware cards, as well as Macs need EFI firmware cards.


                        I hope to have helped!