Windows 8 and 8.1 Forums


UEFI prevents rootkits?

  1. #1

    UEFI prevents rootkits?


    I've been reading that EUFI booting prevents rootkits, is this true?

      My System SpecsSystem Spec

  2. #2


    Posts : 328
    Windows 8.1 (x64)


    UEFI has a secure boot feature that indeed is designed to prevent rootkits. Key boot files are digitally signed (by microsoft) and any malicious software that attempts to tamper with them is automatically detected at startup and blocked.

    More info :
    Secure Boot Overview
    Secured Boot and Measured Boot: Hardening Early Boot Components Against Malware
      My System SpecsSystem Spec

  3. #3


    Quote Originally Posted by oneeyed View Post
    UEFI has a secure boot feature that indeed is designed to prevent rootkits. Key boot files are digitally signed (by microsoft) and any malicious software that attempts to tamper with them is automatically detected at startup and blocked.

    More info :
    Secure Boot Overview
    Secured Boot and Measured Boot: Hardening Early Boot Components Against Malware

    So I'm guessing it has a high detection rate? and thank you , its not allowing me to you anymore rep points at the moment.
      My System SpecsSystem Spec

  4. #4


    Posts : 328
    Windows 8.1 (x64)


    No detection rate. My explanation above was maybe a bit confusing. This isn't an antivirus, which is a blacklisting approach but a whitelist (more info here : Whitelisting Vs Blacklisting | Kevin Townsend) : if a bootfile is signed, its ok if not it's blocked. And yes, it's much more efficient.
      My System SpecsSystem Spec

  5. #5


    Sorry the way I said it made it seem like I thought it as an antivirus or something, I got one more question, how can I tell if I got UEFI enabled or not?
      My System SpecsSystem Spec

  6. #6


    Posts : 328
    Windows 8.1 (x64)


    Start key + R, type : msinfo32
    In system summary, check Bios Mode (UEFI/Legacy) and Secure Boot State (On/Off)

    There is also a guide on the forums : BIOS Mode - See if Windows Boot in UEFI or Legacy Mode
      My System SpecsSystem Spec

  7. #7


    BIOS is in UEFI, and Secure Boot is off
      My System SpecsSystem Spec

  8. #8


    Posts : 328
    Windows 8.1 (x64)


    You should enable secure boot in your bios settings. How to do that depends on your motherboard, but here is a link to help : "Secure Boot isn't configured correctly": troubleshooting
    1. Open the PC BIOS menu. You can often access this menu by pressing a key during the bootup sequence, such as F1, F2, F12, or Esc.
    2. Or, from Windows: go to Settings charm > Change PC settings > Update and Recovery > Recovery > Advanced Startup: Restart now. When the PC reboots, go to Troubleshoot > Advanced Options: UEFI Firmware Settings.
    3. Find the Secure Boot setting, and if possible, set it to Enabled. This option is usually in either the Security tab, the Boot tab, or the Authentication tab.
    4. On some PCs, select Custom, and then load the Secure Boot keys that are built into the PC.
    5. If the PC does not allow you to enable Secure Boot, try resetting the BIOS back to the factory settings.
    6. Save changes and exit. The PC reboots.
    7. If the PC is not able to boot after enabling Secure Boot, go back into the BIOS menus, disable Secure Boot, and try to boot the PC again.
    8. In some cases, you may need to refresh or reset your PC to its original state before you can turn on Secure Boot. For more info, see How to restore, refresh, or reset your PC.
    9. If the above steps don’t work, and you still want to use the Secure Boot feature, contact your manufacturer for help.
      My System SpecsSystem Spec

  9. #9


    Alright so I just tried to enable Secure Boot, but it's showing as grey and won't let me change it, I also noticed it says it's in 'Legacy' mode, kinda weird?
    Last edited by Jcwisgod; 06 Jan 2014 at 19:42.
      My System SpecsSystem Spec

UEFI prevents rootkits?
Related Threads
I have some firewall rules that I try to (want to) disable with the 'Windows Firewall with Advanced Security' GUI. But when I select the rule and try to disable it, I am presented with a dialog box that says:-- One or more rules in the current selection contains a property not supported through...
Background: • Upgraded to Windows 8.1 preview from Windows 8, works fine for weeks. • Randomly crashed one day. I believe it may have been waking from sleep mode when this happened. It cited: "Recovery Your PC needs to be repaired
Hi again ....am now aware that normal booting only achievable when my USB printer is disconnected. Can't begin to understand what is happening here. Asus P8Z68-VLX / Intel i3 2120 / Win 8 Pro 64
I recently installed a new GTX660 Ti GPU, but I am now experiencing a major issue with the sleep function. Whilst I am able to sleep the PC, when I try to wake it, nothing really happens. I hear the "device disconnected" sound and then nothing for at least 2 minutes before it automatically...
USA to legalize rootkits, spyware, ransomware and trojans to combat piracy?
Win8 Prevents BIOS Access in General Support
I recently upgraded from “Windows 7 Home Premium 64-bit (OEM)” to“Windows 8 Pro 64-bit”, using the “Keep Windows settings, personal files, and apps” option. All except one of my programs work in Win8, and my Win8 desktop is unchanged (except for the Win8 Start Screen replacement for the Win7 Start...
I've been running a problem that some of the applications from the startup menu doesn't actually start upon login. After looking at the list of the applications I've noticed that actually only the exe files that I've set in properties to "Run as administrator" (in compatibility tab) doesn't run...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook