Not sure how this is a big deal. It just means that unsafe OSes can be booted up as well. But how is that a problem?
I'd rather be able to boot rather than not. The onus is on the user for grabbing a clean copy of an OS, not MSI.
Also, trying to play around with this might lock people out of third-party optimized OSes, or even non-Windows OSes.
Rather not fix what isn't broken.

 

I thought it was big because it breaks the purpose of the setting i guess but ok

 

Honestly, this isn't so much "breaks" it, as just means that it's basically worthless. Which given some of the UEFI nasties lurking on the internet is fairly obvious already. It's also why Pluton, and other even more restrictive methods are being developed to wrestle control of your PC from you.

On a laptop, I might care. On a desktop? No.

At least it doesn't hose systems like Microsoft "fixing" a secureboot bug which sent Windows into BitLocker recovery mode.

 

Honestly, this isn't so much "breaks" it, as just means that it's basically worthless. Which given some of the UEFI nasties lurking on the internet is fairly obvious already. It's also why Pluton, and other even more restrictive methods are being developed to wrestle control of your PC from you.

Pluton? I haven't heard of this yet, do you have a link to a good source on it?

Non issue and I would disable all these secure boot and TPM things if I could as they break windows reinstalls.

They don't break windows installs/reinstalls.
It does, however, make working with non-ubuntu/RHEL *nix os's annoying.

Yea I try all the dodgy overclocking and tweaking tools I can find, so what? Also when reinstalling windows now, if you don't have an internet connection you can't pass security for logging into your MS account, and it no longer lets you use Windows without a microsoft account, and thus you can also no longer set an unlinked account to not require a password on startup.

I thought this as well, but I found info that states otherwise, and it works on w11 as well. I'll look for the link and post it later tonight.

 

I have not used secureboot on a desktop since I can't even remember

 

Non issue and I would disable all these secure boot and TPM things if I could as they break windows reinstalls.

 

So reading more into this secure boot thing, it could be the reason why when I tried out a free ramcache software I found, it stopped windows from starting up and would blue screen when trying to load the driver file for the software on startup.

Yea I try all the dodgy overclocking and tweaking tools I can find, so what? Also when reinstalling windows now, if you don't have an internet connection you can't pass security for logging into your MS account, and it no longer lets you use Windows without a microsoft account, and thus you can also no longer set an unlinked account to not require a password on startup.

At the least it lets you set a 4 digit pin for faster login, but ofc 1111, 2468 and 3579 were all disallowed pins as Microsoft decide they are too easy to crack or whatever.

I live alone and even if I did get robbed, my insurance would pay for a new system. I don't need any of these useless security features for my PCs at home.

 

About time they educated themselves then.

 

yeah seriously. the answer is literally a google/bing/insertenginechoice away.

Some of us customize windows ISO's for stuff like MDT deployments too, so to be fair on the tech enthusiast side, it's a niche you can get into.

 

Apologies for the pseudo-necro.

Latest Windows patch bonanza has a fix for a SecureBoot vulnerability which even fully locked-down systems are vulnerable to.

How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

support.microsoft.com

And, just to add extra bitter almonds to the icing, it needs to be applied manually.

Which I guarantee 99.9% of Windows users will never do. Microsoft are apparently rolling out a "simpler" fix (I wonder how many systems that will brick?).

...and people wonder why I think SecureBoot isn't about being actually secure, and everything to do with putting more challenges in the face of competing OSes and those users who wish to use them...

 

Manually because backups (if they are done) will be broken after the patch is properly applied.

This change will be enforced later this year so people have time to fix their backups.