Dell Encryption protected devices fail to boot with Operating System Loader failed signature verification

Shrnutí: Devices fail to boot with Operating System Loader failed signature verification when protected by Dell Data Protection | Encryption.

Tento článek se vztahuje na Tento článek se nevztahuje na Tento článek není vázán na žádný konkrétní produkt. V tomto článku nejsou uvedeny všechny verze produktu.
Podívejte se na další zdroje

Příznaky

Affected Products:

  • Dell Encryption
  • Dell Data Protection | Encryption

Affected Platforms:

  • Windows 8.1
  • Windows 10RTM
  • Windows 10 1511

Příčina

Microsoft has released an update (MS16-100 aka KB3172729) for Windows 8.1, Windows 10 RTM, and Windows 10 1511; This update has an update for SecurBook that may cause the EFI boot partition to be mounted as a nonsystem disk, causing Dell Encryption (formerly Dell Data Protection | Encryption) to encrypt the files on that partition. This leads to an error stating that the Operating System Loader Signature is invalid:

Operating System Loader Signature is invalid
Figure 1: (English Only) Operating System Loader Signature is invalid

 
 

Řešení

How can I prevent this?

This can be mitigated completely by adding an exclusion to an EFI folder to Fixed Disk and General setting policies.

-^3F#:\EFI\

This policy when added to the current encryption policies prevent this from occurring. It is suggested to add this to both policies to prevent Common and SDE from affecting these files.

How can I remediate a device in this state?

Note:  A Windows recovery disk or installation media that matches the major operating system level that is installed on the device (Windows 8.1, Windows 10 build 10240, or Windows 10 build 10586) is required.
  1. Launch the install media. At the Windows Setup screen, click the Next button in the bottom-right corner of the window.

Windows Setup screen
Figure 2: (English Only) Windows Setup screen

  1. Click the Repair your computer link in the bottom-left corner of the window.

Repair your computer
Figure 3: (English Only) Repair your computer

  1. Click Troubleshoot.

Troubleshoot
Figure 4: (English Only) Troubleshoot

  1. Click Advanced options.

Advanced Options
Figure 5: (English Only) Advanced Options

  1. Click Startup Repair.

Startup Repair
Figure 6: (English Only) Startup Repair

  1. If prompted to select the target operating system, click Windows 8.1.

Select Windows 8.1
Figure 7: (English Only) Select Windows 8.1

  1. Allow the startup repair to complete.
  2. Reboot
  1. Launch the install media. At the Windows Setup screen, click the Next button in the bottom-right corner of the window.

Windows Setup screen
Figure 8: (English Only) Windows Setup screen

  1. Click the Repair your computer link in the bottom-left corner of the window.

Repair your computer
Figure 9: (English Only) Repair your computer

  1. Click Troubleshoot.

Troubleshoot
Figure 10: (English Only) Troubleshoot

  1. Click Advanced options.

Advanced Options
Figure 11: (English Only) Advanced Options

  1. Click Startup Repair.

Startup Repair
Figure 12: (English Only) Startup Repair

  1. If prompted to select the target operating system, click Windows 10.

Windows 10 selection
Figure 13: (English Only) Windows 10 selection

  1. Allow the startup repair to complete.
  2. Reboot

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Dotčené produkty

Dell Encryption
Vlastnosti článku
Číslo článku: 000126406
Typ článku: Solution
Poslední úprava: 03 srp 2023
Verze:  10
Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell
Služby podpory
Zkontrolujte, zda se na vaše zařízení vztahují služby podpory.