New
#1
If I cannot enable Secure Boot, then why use UEFI instead of BIOS?
For what it may be worth, I have decided to do a "clean install" that overwrites the existing Windows 7 Pro SP1 (fully updated) installation on my computer system, after (a) installing a new and different ASUS 970 Pro Gaming/Aura motherboard which supports UEFI, and (b) installing a new AMD Phenom II X4 960T 3.0/3.4 GHz CPU instead of continuing to run the 6 y.o. CPU currently installed.
My primary reason for re-installing Windows 7 is to use the motherboard's UEFI feature instead of BIOS. I have assumed that, by using UEFI, I can configure the system for Secure Boot. However, according to all that I have read about using UEFI with Windows 7 on this website, I must disable Secure Boot because the OS is Windows 7. Three pages of instructions concern the subject:
How to Do a Clean Installation with Windows 7
Clean Install Windows 7
This tutorial begins describing the installation process with:Warning
If you want to install Windows 7 using UEFI instead of BIOS, then see this below first.
How to Install Windows 7 Using "Unified Extensible Firmware Interface" (UEFI)
UEFI (Unified Extensible Firmware Interface) - Install Windows 7 withThe introduction for the referenced instructions (above) ends with the following:WarningBut keep reading, the hyperlink in the last line above is for the page:
- Disabling UEFI will make the system unbootable as there is no MBR on the disks.
- You CANNOT make a sector-by-sector copy of GPT disks. The Disk and Partition GUIDs will no longer be unique. This must never happen. You can make a sector-by-sector copy of the contents of ESP or basic data partitions.
- Disable secure boot before installing Windows 7.
_______________
Note: the second line above mystifies me. If making a sector-by-sector copy of the "GPT disk" on which Windows 7 is installed "must never happen", then what software can I run to make a backup-copy of the Windows 7 installation on that drive? Be aware that the Windows 7 partition will include all software installed that requires access to the Windows Registry.
Nonetheless, it is the third line which gives me pause. The instructions which follow the above warning never mention whether Secure Boot can be re-enabled after Windows 7 is installed.
How to Enable or Disable Secure Boot in UEFI
https://www.eightforums.com/tutorial...able-uefi.html
The introduction on the above page ends with the following:
Warning
Arm based Windows RT PCs and devices will have a locked boot loader, so you will not be able to disabled secure boot on them.
If you have a Windows 8.1 device that has the device encryption feature turned on and disable secure boot, then you may not be able to access the data on the disk until you enable secure boot again.
Do not enable secure boot with Windows 7, Vista, or XP installed. If you do, these OSs will not boot until secure boot is disabled._______________So, if I cannot enable Secure Boot, then what benefit would there be to install Windows 7 with UEFI instead of BIOS?
For your information:
The motherboard manual BIOS Information - Boot Menu section does not disclose any limitation as to the version of Windows. It presents two options from which I can select one, to quote:
Secure Boot
This item allows you to configure the Windows Secure Boot settings and manage its keys to protect the system from unauthorized access and malwares during POST.OS Type [Windows UEFI Mode] /* the choice in the brackets signifies the default */Note: If I do not choose to use UEFI, then I expect to simply prepare Windows 7 for the motherboard change with the SYSPREP method described by another tutorial of this forum. If I recall correctly, its instructions mention that, if the motherboard supports Secure Boot, then I must disable it in the BIOS before booting Windows 7. So I have anticipated selecting the [Other OS] option above before booting Windows (after it has been "prepped") from the drive on which it is currently installed.
[Windows UEFI Mode]This item allows you to select your installed operating system. Execute the Microsoft Secure Boot check. Only select this option when booting on Windows UEFI mode or other Microsoft Secure Boot compliant OS.[Other OS]Get the optimized function when booting on Windows non-UEFI mode. Microsoft Secure Boot only supports Windows UEFI mode._______________
Thank you for your time and attention to this inquiry. I am looking forward to your answer and any additional advice you might offer.