By Michael / Last Updated May 30, 2023

What is UEFI secure boot?

UEFI, short for Unified Extensible Firmware Interface, is a standard to make sure that PC only boot with OEM (Original Equipment Manufacturer). It helps PC resist attack of virus and malware.

After enabling this settings, the PC will only load drivers with Microsoft certificates. Secure boot detects tampering by verifying the boot loader, key operating system files, unauthorize option Rom, and their digital signatures, and they will stop running before an attack or infection of the system is detected.

Only when you enable secure boot on the Windows OS, can you run the latest version of Windows 11. Luckily, secure boot is widely supported. Please read on and learn how to enable UEFI secure boot in on this page.

How to make sure whether the PC support UEFI secure boot?

How to make sure whether your PC support UEFI secure boot? In fact, this is no longer a unusual question. However, for non-computer professionals, this is still a difficult question, In the following contents, 5 ways to check whether a PC support UEFI secure boot are provided.

▶ Method 1. Check system information tool

First, you can check the secure boot state in System information.

1. Press “Win+R” simultaneously, type msinfo32 and hit “ENTER”.

run window

2. In the “System Information” window, select “System Summary” and look for “Secure Boot State” on the right side. If the value is “on”,  the secure boot is enabled; if “off”,  the secure boot isn’t enabled and you need to enable it for Windows 11.

system info

▶ Method 2. Use CMD command

The built-in CMD is a basic way to see whether the secure boot is enabled. Let’s see how it works.

1. Press “Win+R” simultaneously to launch the “Run” window, Then, type “cmd” and hit “ENTER”.

2. Type bcdedit/enum {current} and hit “ENTER” to execute it.

3. Among the listed information, locate “path”. If the path show “winload.efi”, it means Windows has enabled UEFI secure boot; if the path show “winload.exe”, it means Windows has enabled the traditional way to boot.

cmd

▶ Method 3. Use PowerShell Cmdlet

The Windows PowerShell would help by checking the “path”.

1. In the start menu on the lower left, find “Windows PowerShell”. Then, right-click on it and run it as administrator.

2. Type “bcdedit” and hit “ENTER” to commit it. Now, locate “path” as what you do in Method 2. Then, check what is behind the path, “winload.efi” or “winload.exe”.

powershell

▶ Method 4. Check Windows Disk Management

Since the specific relationship of GPT and UEFI, if the “Convert to GPT Disk” button greyed out, the PC is in UEFI secure boot mode, and vice versa.

1. Press “Win + R” to open the “Run” window, then, type “diskmgmt.msc” and hit the “ENTER” key.

2. Right-click on disk 0 and if there is the option of “Convert to GPT Disk”, it means your PC is running in the traditional way; if it shows “Convert to MBR Disk”, it means the PC is in the UEFI secure boot mode.

dm

▶ Method 5. Check the motherboard’s production date

Besides, you can also view the production data of the motherboard in “BIOS Versions”, then judge whether the secure mode is enabled.

1. Press “Win + R” simultaneously to open the run window. Then, type “cmd” and hit “ENTER”.

2. In the window, type “systeminfo” and hit the “ENTER” key. Wait a moment before you can check the info of your PC. You can see the production data of the motherboard after the option of “BIOS Versions”.

motherboard info

Attention: When you change the secure boot state, you may encounter some hardware failures. You can easily solve the problem by simply disconnecting the inoperable hardware from the PC after changing the secure boot state, and then reconnecting it.

How to enable UEFI secure boot?

If your PC support secure boot but it hasn’t been enabled. The following guide provides detailed steps to enable the secure mode.

1. Reboot your computer and hit “ESC/Delete/F1/F2/F10 to enter the BIOS system (the keys are different depending on computer hosts). Then, click on “Boot” and select “Secure Boot”.

boot

2. Now, you can secure boot is shut down. Click on “Key Management”.

3. Select “Install default Secure Boot Keys” to enable secure boot.

key management

4. Finally, return to the previous column and you can see Secure Boot is enabled.

view secure start

Bypass UEFI detection by using the install disk to boot

If your computer doesn’t support secure boot, you can use the install disk to boot to bypass UEFI detection. The following guide teaches how to bypass UEFI detection to install Windows 11 in detail.

1. First of all, you need to download Windows 11 ISO pack. You’re supposed to directly download the Windows 11 ISO file in preview version (Windows 11 standard hasn’t been published). Here, the download entry page of the official website is provided and after getting in, you need to click on the profile on the upper right to create an account. It can be a little bit slow. So, be patient.

mirror file download page

2. After creating the account and logining in, scroll down the page and select version and language. Then, you can download the ISO file of the Windows 11 preview version.

download image file

3. After you finish downloading, you need to make an installation disk in order that you can be led by the installation disk to enter the Windows 11 installation process.

4. Insert the prepared installation disk into the USB port of the PC that needs to install Windows 11, and immediately press the shortcut key to enter the boot startup interface (different motherboard shortcut keys are different, usually F8/F11/F12).

5. After booting into the startup window, select the option of installation disk and click on it.

select installation disk

6. Now, you need to wait around 1 minute and then you will enter the interface of Windows installer. At this time, you just need to follow the regular Windows installation onscreen guide to finish the Windows 11 installation,

windows setup

Does UEFI secure boot affect performance of the PC?

After going through the entire post, some people may wonder whether UEFI secure boot affect their PC’s performance. The answer is definitely negative. Enabling UEFI Secure Boot will increase protection and prevent your computer from virus attacks, so it won’t affect the performance. 

Conclusion

This page focuses on showing you what is UEFI, and how to enable it for Windows 11 updates. There’re 5 methods for you to check whether your computer support UEFI Secure Boot. If your computer doesn’t support it, you can bypass UEFI detection with an installation disk, then execute Windows 11 installation; If you’ve enabled UEFI Secure Boot successfully, congratulations, you can turn to the next operation of Windows 11 upgrade.