RECOMMENDED: Click here to fix Windows errors and optimize system performance
Once Microsoft has released its update KB3133977 for Windows 7 systems, many Asus users who have installed this update on their computer may have received a particularly irritating error called Secure Boot Violation. The worst part of this bug is that it does not allow the machine to boot under Windows, and users are on the UEFI screen of the computer that cannot use their PC.
The reason for all this is the secure boot technology of Asus machines and the fact that Windows 7 systems do not fully support them. The purpose of the KB3133977 update is to fix a problem that prevents BitLocker from encrypting drives on Win7 machines. And although KB3133977 fixes the problem, it causes the new secure boot violation for Asus users. As I said, Win7 is not exactly compatible with the Secure Boot technology used on Asus motherboards, so this Secure Boot was not fully enabled on Win7 machines. However, this changed with the introduction of the new update – the secure boot function was fully enabled with KB3133977 and is now the cause of the Secure Boot Violation error.
Each time an Asus PC is started with Secure Boot fully enabled, the machine automatically performs a scan, and if the detected operating system (Windows 7) is not detected as compatible, it prevents the machine from continuing to load into the operating system interface.
Set Boot Priority or Disconnect External Drive
If you encounter the “Secure Boot Violation” error when connecting an external drive (hard disk or USB stick) to your PC before booting, access the BIOS/UEFI settings and configure the boot priority (boot order). Make sure that the system is loaded from the internal hard disk or Windows boot manager and not from removable media. Note that the hard disk is the first in the boot order.
To make things easier, simply turn off the computer, remove the external drive and restart the system.
In all other cases, you will need to make the following corrections:
- Disable the secure start control.
- Enable CSM and disable Quick Boot
- Set all keys under Key Management to Not Installed.
- Disable the execution of the driver‘s signature
Disable security boot
I also suggest that you disable and check the secure boot process. When your computer starts, wait for the manufacturer’s logo to check the boot menu option, it is usually one of the function keys (e. g. F12). Restart the computer; continue to press the Boot menu option key to access the boot menu. Disable the secure boot option and check the box.
Enable CSM and disable Fast Boot
- In the Security tab, go up and select the Start tab.
- Select Quick Start and press Enter, then select Disable.
- Then select Start CSM and select On.
- Go to the Save and Exit tab.
- Select Save and exit the changes and confirm with Yes.
Uninstall KB3084905 Windows Update.
When the KB3084905 update for Windows Server 2012 and Windows 8.1 was released, Microsoft announced that the update could cause secure boot problems on computers that are connected to the same domain controller. The easiest way to solve this problem is to uninstall this update from your computer by following these steps:
- Click the Start Menu button and open the Control Panel by typing its name and clicking on the first option at the top, or by finding its entry in the initial Start Menu screen.
- Switch to View As: Category in the upper right corner, then click Uninstall a program in the Programs pane. On the right side of the screen, you should see the Show Installed Updates in Blue button, so click it.
- You should now be able to see a list of all Windows updates installed on your computer. The lower part of Microsoft Windows contains update KB3084905.
- Scroll to the left to check the Installed column on which the date the update was installed is displayed. Be sure to find the update with KB number KB3084905.
- Click once on the update and select Uninstall above and follow the instructions on the screen to get rid of the update.
- Wait for Microsoft to launch a new update that should be installed automatically if you have configured automatic Windows updates. Check if the problem “Secure boot violation – invalid signature detected” still occurs during the boot process!
RECOMMENDED: Click here to troubleshoot Windows errors and optimize system performance
CCNA, Web Developer, PC Troubleshooter
I am a computer enthusiast and a practicing IT Professional. I have years of experience behind me in computer programming, hardware troubleshooting and repair. I specialise in Web Development and Database Design. I also have a CCNA certification for Network Design and Troubleshooting.