Device failures happening on systems with UEFI secure boot

Jan 29, 2019 07:49 GMT

Windows 10 version 1809 (October 2018 Update) is currently in the process of being pushed automatically to devices across the world, and Microsoft warns of another issue that could affect certain machines.

The software giant explains that a number of customers who deployed Microsoft’s security baseline for Windows 10 version 1809 and Windows Server 2019 could be hit with a device boot failure if UEFI secure boot is enabled.

The company notes in a TechNet article that the devices experiencing the problem are those with the System Guard Secure Launch setting, which is introduced with Windows 10 version 1809, and adds that in most cases the result is a blank screen at boot.

“Microsoft discovered a boot issue that could affect systems with the System Guard Secure Launch set to enabled regardless of whether the underlying hardware support for the feature is present,” the company notes.

“The issue manifests itself after taking an update whereupon the device reboots into a blank screen. The issue has been root caused to a problem with catalog file validation and whether it shows up is highly dependent on set and order of signed components in the boot path so it is not predictable when or whether a system will hit this issue.”

Fix already under development

The company explains that a fix is already being developed and recommends that users switch the ConfigureSystemGuardLaunch Group Policy setting to Not Configured or Disabled in the meantime. Once the fix goes live, you can re-enable the setting in Group Policy.

Microsoft says disabling the policy wouldn’t have any impact on systems that don’t come with hardware support for System Guard Secure Launch.
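As an added example (not from Microsoft or the original article), the read-only PowerShell check below reports whether a machine matches the conditions described above: Secure Launch policy set to Enabled on a system with UEFI Secure Boot. The registry location of the policy, the value meanings (1 = Enabled, 2 = Disabled) and the Win32_DeviceGuard service code 3 for Secure Launch are not stated in the article and are assumed here; the function name is hypothetical.

```powershell
# Added example: read-only audit, changes nothing on the machine.
function Get-SecureLaunchExposure {   # hypothetical name
    [CmdletBinding()]
    param()

    # Assumption: the Group Policy setting is stored under this policy key.
    $key  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard'
    $name = 'ConfigureSystemGuardLaunch'
    $item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue

    # Assumption: 1 = Enabled, 2 = Disabled, absent or 0 = Not Configured.
    $policy = 'Not Configured'
    if ($item) {
        if     ($item.$name -eq 1) { $policy = 'Enabled' }
        elseif ($item.$name -eq 2) { $policy = 'Disabled' }
    }

    # Confirm-SecureBootUEFI needs elevation and throws on legacy BIOS systems;
    # $null below means "could not be determined".
    $secureBoot = $null
    try { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
    catch { Write-Verbose "Secure Boot state unavailable: $_" }

    # Assumption: service code 3 in Win32_DeviceGuard means Secure Launch.
    $running = $null
    try {
        $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                              -ClassName Win32_DeviceGuard -ErrorAction Stop
        $running = $dg.SecurityServicesRunning -contains 3
    } catch { Write-Verbose "Win32_DeviceGuard query failed: $_" }

    [pscustomobject]@{
        ComputerName        = $env:COMPUTERNAME
        SecureLaunchPolicy  = $policy
        SecureBootEnabled   = $secureBoot
        SecureLaunchRunning = $running
        # The article ties the failure to the policy being Enabled, with or
        # without hardware support, so SecureLaunchRunning is not part of the
        # test. An unknown Secure Boot state is treated as exposed.
        NeedsPolicyChange   = ($policy -eq 'Enabled') -and ($secureBoot -ne $false)
    }
}

Get-SecureLaunchExposure
```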

No specifics have been provided as to when the fix could be released, but with Patch Tuesday taking place on February 12, there’s a chance Microsoft could resolve the bug then.