Solved

Windows 8.1 UEFI Question

Posted on 2015-02-20
7
159 Views
Last Modified: 2016-11-23
I have a new Dell desktop Inspiron3847, but I suppose this question is not unique to Dell.  I think it is a Windows 8.1 question.

I am using backup software. In case of a failure of my system I need to boot to a flash drive.  I thought I understood that Windows 8.1 will not boot to a flash drive automatically.  If I understand correctly, if I want to boot to a flash drive I need to turn off UEFI Secure boot.  If I understand correctly, Secure boot makes my machine less susceptible to invasion by outside entities, so, I suppose the best way is to have secure boot on all the time, except for those special times when I want to boot to a specific device, then, after the condition passes, turn secure boot back on again.  Is this correct?
0
Comment
Question by:WoodrowA
7 Comments
 
LVL 93

Accepted Solution

by:
John Hurst earned 250 total points
ID: 40622093
You might need to turn UEFI off, but I think Windows 8 knows what it is making and the drive is supposed to boot if the computer will not start. So the USB key made should be able to start the way the computer is (UEFI enabled) as Microsoft would have set the boot that way. I have not had need to try mine at this point.
0
 

Author Comment

by:WoodrowA
ID: 40622192
Thank you for responding.

I am using Paragon backup software and it has a tool that creates a boot disk (flash drive) in what I believe is a Win PE protocol.  I created this flash drive and then booted my machine with Secure boot enabled and sure enough, it sees the flash drive.  

Why is this?  When the drive was created was it created in such a way that Windows recognizes it automatically?  I have two other USB drives connected to my computer but when the (F12) boot screen appears with Secure boot on, it does not see them.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40622254
I think a non-Windows 8 flash drive would need UEFI disabled to boot.

I think only a Windows 8 recovery flash drive will boot with UEFI enabled.  Otherwise Joe Public would not be able to recover.

What you are seeing is a function of Windows 8, not the Flash drive.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 88

Assisted Solution

by:rindi
rindi earned 250 total points
ID: 40622257
WinPE is based on Windows and should use it's signature, and that should be included in the secure-boot signature database. So such media should boot with secureboot on. If it doesn't, then disable secureboot.

Also several other OS's like some Linux distro's have been added to secureboot. So whenever you can boot, leave it on, if it doesn't boot turn it off.

Generally though secureboot doesn't really add much security. The OS can still be attacked. It is more an M$ "feature" that they forced on UEFI BIOS, which makes it harder to install other OS's. Particularly on Windows RT devices which use ARM based CPU's, you can't even disable secure-boot, so there you can't Replace Windows RT with another OS like Linux.
0
 
LVL 46

Expert Comment

by:noxcho
ID: 40622285
Paragon signed its products by Microsoft and the WinPE based drive it creates is detected as MS boot device. Usually you do not need secure boot to be enabled if some boot device with malware is not used on this PC.
0
 

Author Closing Comment

by:WoodrowA
ID: 40623192
Thank you
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 40623233
@WoodrowA - You are very welcome and I was happy to help.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever wondered why Windows 8 and 10 don't seem to accept your GPO-based software deployment while Windows 7 does? Read on.
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
The viewer will learn how to successfully download and install the SARDU utility on Windows 8, without downloading adware.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question