Dell Encryption protected devices fail to boot with Operating System Loader failed signature verification

Riepilogo: Devices fail to boot with Operating System Loader failed signature verification when protected by Dell Data Protection | Encryption.

Questo articolo si applica a Questo articolo non si applica a Questo articolo non è legato a un prodotto specifico. Non tutte le versioni del prodotto sono identificate in questo articolo.
Scopri le altre risorse

Sintomi

Affected Products:

  • Dell Encryption
  • Dell Data Protection | Encryption

Affected Platforms:

  • Windows 8.1
  • Windows 10RTM
  • Windows 10 1511

Causa

Microsoft has released an update (MS16-100 aka KB3172729) for Windows 8.1, Windows 10 RTM, and Windows 10 1511; This update has an update for SecurBook that may cause the EFI boot partition to be mounted as a nonsystem disk, causing Dell Encryption (formerly Dell Data Protection | Encryption) to encrypt the files on that partition. This leads to an error stating that the Operating System Loader Signature is invalid:

Operating System Loader Signature is invalid
Figure 1: (English Only) Operating System Loader Signature is invalid

 
 

Risoluzione

How can I prevent this?

This can be mitigated completely by adding an exclusion to an EFI folder to Fixed Disk and General setting policies.

-^3F#:\EFI\

This policy when added to the current encryption policies prevent this from occurring. It is suggested to add this to both policies to prevent Common and SDE from affecting these files.

How can I remediate a device in this state?

Note:  A Windows recovery disk or installation media that matches the major operating system level that is installed on the device (Windows 8.1, Windows 10 build 10240, or Windows 10 build 10586) is required.
  1. Launch the install media. At the Windows Setup screen, click the Next button in the bottom-right corner of the window.

Windows Setup screen
Figure 2: (English Only) Windows Setup screen

  1. Click the Repair your computer link in the bottom-left corner of the window.

Repair your computer
Figure 3: (English Only) Repair your computer

  1. Click Troubleshoot.

Troubleshoot
Figure 4: (English Only) Troubleshoot

  1. Click Advanced options.

Advanced Options
Figure 5: (English Only) Advanced Options

  1. Click Startup Repair.

Startup Repair
Figure 6: (English Only) Startup Repair

  1. If prompted to select the target operating system, click Windows 8.1.

Select Windows 8.1
Figure 7: (English Only) Select Windows 8.1

  1. Allow the startup repair to complete.
  2. Reboot
  1. Launch the install media. At the Windows Setup screen, click the Next button in the bottom-right corner of the window.

Windows Setup screen
Figure 8: (English Only) Windows Setup screen

  1. Click the Repair your computer link in the bottom-left corner of the window.

Repair your computer
Figure 9: (English Only) Repair your computer

  1. Click Troubleshoot.

Troubleshoot
Figure 10: (English Only) Troubleshoot

  1. Click Advanced options.

Advanced Options
Figure 11: (English Only) Advanced Options

  1. Click Startup Repair.

Startup Repair
Figure 12: (English Only) Startup Repair

  1. If prompted to select the target operating system, click Windows 10.

Windows 10 selection
Figure 13: (English Only) Windows 10 selection

  1. Allow the startup repair to complete.
  2. Reboot

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Prodotti interessati

Dell Encryption
Proprietà dell'articolo
Numero articolo: 000126406
Tipo di articolo: Solution
Ultima modifica: 03 ago 2023
Versione:  10
Trova risposta alle tue domande dagli altri utenti Dell
Support Services
Verifica che il dispositivo sia coperto dai Servizi di supporto.