Dell Encryption protected devices fail to boot with Operating System Loader failed signature verification

摘要: Devices fail to boot with Operating System Loader failed signature verification when protected by Dell Data Protection | Encryption.

本文章適用於 本文章不適用於 本文無關於任何特定產品。 本文未識別所有產品版本。
查看其他資源

症狀

Affected Products:

  • Dell Encryption
  • Dell Data Protection | Encryption

Affected Platforms:

  • Windows 8.1
  • Windows 10RTM
  • Windows 10 1511

原因

Microsoft has released an update (MS16-100 aka KB3172729) for Windows 8.1, Windows 10 RTM, and Windows 10 1511; This update has an update for SecurBook that may cause the EFI boot partition to be mounted as a nonsystem disk, causing Dell Encryption (formerly Dell Data Protection | Encryption) to encrypt the files on that partition. This leads to an error stating that the Operating System Loader Signature is invalid:

Operating System Loader Signature is invalid
Figure 1: (English Only) Operating System Loader Signature is invalid

 
 

解析度

How can I prevent this?

This can be mitigated completely by adding an exclusion to an EFI folder to Fixed Disk and General setting policies.

-^3F#:\EFI\

This policy when added to the current encryption policies prevent this from occurring. It is suggested to add this to both policies to prevent Common and SDE from affecting these files.

How can I remediate a device in this state?

Note:  A Windows recovery disk or installation media that matches the major operating system level that is installed on the device (Windows 8.1, Windows 10 build 10240, or Windows 10 build 10586) is required.
  1. Launch the install media. At the Windows Setup screen, click the Next button in the bottom-right corner of the window.

Windows Setup screen
Figure 2: (English Only) Windows Setup screen

  1. Click the Repair your computer link in the bottom-left corner of the window.

Repair your computer
Figure 3: (English Only) Repair your computer

  1. Click Troubleshoot.

Troubleshoot
Figure 4: (English Only) Troubleshoot

  1. Click Advanced options.

Advanced Options
Figure 5: (English Only) Advanced Options

  1. Click Startup Repair.

Startup Repair
Figure 6: (English Only) Startup Repair

  1. If prompted to select the target operating system, click Windows 8.1.

Select Windows 8.1
Figure 7: (English Only) Select Windows 8.1

  1. Allow the startup repair to complete.
  2. Reboot
  1. Launch the install media. At the Windows Setup screen, click the Next button in the bottom-right corner of the window.

Windows Setup screen
Figure 8: (English Only) Windows Setup screen

  1. Click the Repair your computer link in the bottom-left corner of the window.

Repair your computer
Figure 9: (English Only) Repair your computer

  1. Click Troubleshoot.

Troubleshoot
Figure 10: (English Only) Troubleshoot

  1. Click Advanced options.

Advanced Options
Figure 11: (English Only) Advanced Options

  1. Click Startup Repair.

Startup Repair
Figure 12: (English Only) Startup Repair

  1. If prompted to select the target operating system, click Windows 10.

Windows 10 selection
Figure 13: (English Only) Windows 10 selection

  1. Allow the startup repair to complete.
  2. Reboot

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

受影響的產品

Dell Encryption
文章屬性
文章編號: 000126406
文章類型: Solution
上次修改時間: 03 8月 2023
版本:  10
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。