How to disable Secure Boot

Daniel Terrasa

5 minutes

secure boot

In this post we are going to talk about Secure Boot, the security system that protects our computer's boot process against different malicious code threats, such as malware and ransomware. Specifically, what we are going to analyze is the way of how to disable Secure Boot.

Secure Boot is integrated into the BIOS of the computer. Or in its most recent version, UEFI. As you probably already know, the BIOS (Basic Input Output System) has the main function of booting all the components of our equipment and launching the operating system. It is very simple software that comes built into the motherboard. On the other hand, the UEFI (Unified Extensible Firmware Interface) is a firmware that is installed on the motherboard and offers more modern features, although its main functions are de facto the same as those of BIOS.

What is Secure Boot used for?

The main function of Secure Boot o secure boot is to prevent the execution of any non-certified software at system startup. It is very effective and convenient to prevent malware or unreliable applications from sneaking into our computer when the computer starts up.

It could be said, therefore, that Secure Boot is a security measure endorsed by Microsoft that requires certain identification requirements. In other words: it is a useful tool that works to protect our computers. So, why would we want to remove Secure Boot? What sense would it make to do something like that?

safe mode windows 10
Related article:
How to enter safe mode in Windows 10

Reasons to disable Secure Boot

There is an answer to these questions, which we will undoubtedly understand better if we are users of Linux. And it is that Secure Boot is relentless and, from the outset, it will block everything that does not belong to Windows. This excess of zeal in security entails Obvious disadvantages that make it impossible to run Linux.

Until the arrival of Windows 10, enabling Secure Boot was optional, leaving some leeway for those using another operating system. Microsoft then left the decision up to each of the different manufacturers.

It is true that in recent times Linux distributions have been adapting to these circumstances, with versions that offer compatibility with Secure Boot. But this is not always the case, so before installing any distribution, it is necessary check that Windows is compatible.

Currently, the most important Linux distributions such as Ubuntu, Fedora, RedHat, Debianomo or SUSE are perfectly compatible with Secure Boot.

Disable Secure Boot

secure boot

Before explaining how to proceed, it should be noted that Secure Boot is not a permanent feature of the system, so it can be safely disabled. By doing so, we can install any software on our computer, even those that are not signed by Microsoft.

To deactivate Secure Boot we have to enter the UEFI configuration of our Windows 10 computer. The procedure consists of two phases: first, we must restart Windows Advanced Startup and then modify the UEFI configuration.

Windows Advanced Startup (Restart)

You have to follow these steps:

  1. First of all, we click on the gear icon that we find in the start menu. There we go to Configuring Windows.
  2. Then we select the option Update and security.
  3. In this menu, click on the section Recovery, which is in the left column.
  4. Next we go to the section Advanced Start, where we click on the button Restart.

UEFI Settings

Once inside the Windows Advanced Startup, we execute the following steps:

  1. In the main menu, we select the option Solve problems.
  2. There, we choose Advanced.
  3. In the new options, we select firmware configuration UEFI. After this, the computer tells us that it needs to be restarted, so we must authorize the restart.
  4. After the reboot, we directly access the UEFI. There, we go to the tab Security.
  5. Finally, we go to the option Secure Boot, where there is a button that we can move to the positions Enabled (activated) or Disabled (disabled).*

(*) If that option does not appear, it is because the manufacturer of our computer does not allow it. Some models incorporate Secure Boot as standard, blocking the possibility of using operating systems such as Linux distributions.

Is it convenient to disable Secure Boot?

Going back to what was explained in the first paragraphs of this post, let's remember that the main function of Secure Boot is to protect our system from so-called boot loader, which can introduce malicious codes at the start of our equipment.

The option to disable Secure Boot can be very useful when carrying out certain tests and modifications, without forgetting that activating and deactivating Secure Boot can be somewhat uncomfortable and even risky.

However, only recommended for advanced users They have minimal technical knowledge. From this we can deduce that the origin of carrying out this action will depend on each user profile, their needs and their abilities.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Actualidad Blog
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.