With the release of Windows 11, Microsoft has elevated the security standards for its operating system. Secure Boot is not only a recommendation but a prerequisite for Windows 11 installation or free upgrade. Secure Boot is a security feature that prevents malicious software from loading when your PC starts up. It also ensures that your PC boots with an authentic bootloader file that is trusted by your device’s manufacturer. Well if you want to upgrade your PC to Windows 11, you need to make sure that your device supports Secure Boot. Most modern PCs are capable of Secure Boot, but in some cases, you may need to change some settings in the PC firmware to enable it. Let’s understand Why Secure Boot Matters and how to enable secure boot in Windows 11.
What is Secure Boot Requirement for Windows 11
Windows 11 Secure Boot is not just a checkbox on your computer’s UEFI/BIOS settings; it’s a fundamental security feature designed to safeguard your system’s integrity during the boot process. Enable secure boot Windows 11 ensures that only signed and trusted firmware and operating system components are allowed to run, preventing the execution of malicious code that could compromise your system’s security.
Secure Boot ensures that only digitally signed and verified code is allowed to run during the boot process, and mitigates the risk of malware and unauthorized software compromising your system.
By verifying the digital signatures of firmware and bootloader components, Secure Boot on windows 11 helps thwart the installation of rootkits and bootkits that seek to exploit vulnerabilities at the foundational level of your system.
Secure Boot enhances the overall integrity of your system by preventing the loading of untrusted components, thereby reducing the attack surface for potential security threats.
How to Check Your PC’s Secure Boot Status
You can use the Microsoft System Information tool to check your PC’s Secure Boot status.
- Press the Windows key + R, type msinfo32 in the dialog box, and select OK.
- In the System Information window, look for the BIOS Mode and Secure Boot State entries on the right pane.
- If the BIOS Mode is UEFI and the Secure Boot State is On, then your PC supports Secure Boot and you are good to go.
- If the BIOS Mode is Legacy or the Secure Boot State is Off, then you need to enable Secure Boot in the PC firmware settings.
Well if it says Secure boot state unsupported, it means your device won’t support secure boot. But you can tweak the Windows registry to bypass secure boot check and install Windows 11 on unsupported devices.
Alternatively, you can also use the PC Health Check app to verify your PC’s eligibility for Windows 11. The app will diagnose your PC’s hardware and report any issues with Secure Boot and other system components. You can download the PC Health Check app from Microsoft’s website
How to Enable Secure Boot in Windows 11
If you find out that Secure Boot is disabled on your PC, you need to enable it in your PC’s firmware settings. The firmware, also known as BIOS or UEFI, is the software that starts up before Windows when you turn on your PC.
To access the firmware settings, you need to restart your PC and enter a specific key or combination of keys during the boot process. (common keys include Del, F2, F10, F12, or Esc).
Alternatively, you can also Open Windows Settings and go to Update & Security > Recovery. Under Advanced startup, click Restart now. select Troubleshoot > Advanced options > UEFI Firmware Settings > Restart. Your PC will reboot again and enter the firmware settings.
Once in the UEFI/BIOS settings, locate the “Security” or Boot or a similar section and Look for an option named “Secure Boot” or “UEFI Boot”.
- If Secure Boot is currently disabled, change the setting to “Enabled.”
- If there is an option for “Secure Boot Mode,” set it to “Standard” or “Custom” based on your preferences.
Save the changes made to the UEFI/BIOS settings and exit. This typically involves navigating to the “Save & Exit” or a similar section. Confirm your decision to save changes and exit. Your computer will restart.
After the restart, re-enter the UEFI/BIOS settings to verify that Secure Boot is now listed as “Enabled.”
Also you can check your PC’s Secure Boot status again using the System Information tool or the PC Health Check app. If everything is OK, you should be able to upgrade your PC to Windows 11 without any issues.
Enabling Secure Boot not only meet the minimum system requirements for Windows 11 but also elevates your system’s security to new heights.
- 11 basic settings you must enable to Secure Windows 10 Laptop/PC
- Windows 10/11 slow boot problem? 7 Ways to Make It Faster 2024
- High Memory Usage in Windows 11: 5 Solutions(Opens in a new browser tab)
- 5 Most secure browsers for Windows 11 (Stay Safe and Protect Your Privacy)
- kernel Security Check Failure Error in Windows 11 (solved)