PowerEdge: UEFI0074 - The Secure Boot policy has been modified
Summary: A UEFI0074 warning is generated in the Lifecycle Log during Windows installation or after running Windows Update. Microsoft Windows operating systems can update the DB and DBX entries to ensure that the platform is up to date per industry security standards. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
The Authorized Database (DB) contains public keys and certificates that represent trusted firmware components and operating system loaders.
The Forbidden Signature Database (DBX) contains hashes of malicious and vulnerable components as well as compromised keys and certificates and blocks the execution of those malicious components.
Steps to reproduce:
Microsoft link: Windows Secure Boot Key Creation and Management Guidance | Microsoft Learn
All Supported PowerEdge platforms for Windows OS observe this change when Windows Updates alter DB/DBX values.
The Forbidden Signature Database (DBX) contains hashes of malicious and vulnerable components as well as compromised keys and certificates and blocks the execution of those malicious components.
Steps to reproduce:
- Install Windows Server 2022 Operating System.
- Perform a Windows update and reboot.
- The warning "UEFI0074 The Secure Boot policy has been modified" may be seen in the Lifecycle Controller after step 1 or step 2.
Microsoft link: Windows Secure Boot Key Creation and Management Guidance | Microsoft Learn
All Supported PowerEdge platforms for Windows OS observe this change when Windows Updates alter DB/DBX values.
Cause
The policy updates are working as designed to ensure that the platforms are not susceptible to the loading of malicious or compromised components. Updating the DB/DBX values ensures that only the latest trusted firmware components and OS loaders are allowed to boot on the platforms.
Resolution
This is working as designed. The operating system is allowed to update entries in DB and DBX values during OS installation or through Windows Updates.
Affected Products
PowerEdge, Microsoft Windows Server 2022Article Properties
Article Number: 000226358
Article Type: Solution
Last Modified: 21 Aug 2024
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.