Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Microsoft Windows: Allow Secure Boot for integrity validation
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Created
Created
Modified
Modified
Summary
This test checks the setting for policy 'Allow Secure Boot for integrity validation' on Windows hosts (at least Windows 8.1). The setting controls whether Secure Boot is allowed as the platform integrity provider for BitLocker operating system drives. Secure Boot ensures that the PCs pre-boot environment only loads firmware that is digitally signed by authorized software publishers. Secure Boot also provides more flexibility for managing pre-boot configuration than legacy BitLocker integrity checks. When enabled and the hardware is capable of using Secure Boot for BitLocker scenarios, the 'Use enhanced Boot Configuration Data validation profile' GP setting is ignored and Secure Boot verifies BCD settings according to the Secure Boot policy setting, which is configured separately from BitLocker.