ventoy / Ventoy

A new bootable USB solution.
https://www.ventoy.net
GNU General Public License v3.0

[issue]: Secure boot related #1788

Open oklokl opened 2 years ago

oklokl commented 2 years ago

Official FAQ

Ventoy Version

1.0.79

What about latest release

Yes. I have tried the latest release, but the bug still exists.

BIOS Mode

UEFI Mode

Partition Style

GPT

Disk Capacity

32G

Disk Manufacturer

samsung sd card

Image file checksum (if applicable)

No.

Image file download link (if applicable)

https://github.com/ventoy/Ventoy/releases

What happened?

A bug happened! 20220816_040431 https://www.ventoy.net/en/doc_secure.html I had been using this fine until recently, but because of a Windows update, a "This function is not available" screen like the one above is displayed on my computer. Press OK and it will boot and enter the Windows screen. Windows 10 KR Insider, ver 10.0.19044.1947.

I want to use it normally by selecting the option as before. Thank you. My computer is Intel 4th generation.

ShadowDragon9731 commented 2 years ago

I'm having the same issue.

oklokl commented 2 years ago

SHA256 8D54AA5C12D15C6813A8A184198CAF9AEB24BE0F3A4AF68D2DDA011CFEA2E13F ventoy-1.0.79-windows.zip. Even with another device (USB + SD card), which is new, and even after reformatting, the symptoms were the same. (I mean I tested it with other devices as well.)

There is no problem with the SD card. No bad sectors. It's a new SD card.

My guess: 'MS' seems to have changed Secure Boot. This has happened after the security patch.

jimmyshjj commented 2 years ago

Same issue here.

AnomSanjaya commented 2 years ago

Did you use a Lenovo and upgrade the BIOS/firmware recently? If yes, I can confirm that Lenovo has blacklisted the signed GRUB EFI in the "forbidden signature database". It means the Linux OS can't boot properly in Secure Boot mode, but I don't know when GRUB EFI signed by Microsoft (like Kaspersky Rescue Disk) was impacted too...

Merennor commented 2 years ago

Same issue. 1.0.78 works, but 1.0.79 gives an error (Invalid signature detected).

(BIOS: FX506LI ver. 310; Windows 10 21H2) / MBR + UEFI (Secure Boot support)

gitdine commented 2 years ago

> Did you use a Lenovo and upgrade the BIOS/firmware recently? If yes, I can confirm that Lenovo has blacklisted the signed GRUB EFI in the "forbidden signature database". It means the Linux OS can't boot properly in Secure Boot mode, but I don't know when GRUB EFI signed by Microsoft (like Kaspersky Rescue Disk) was impacted too...

Yes! After recent update my laptop won't boot Ventoy with Secure Boot on. I get no error message, just returns to boot menu. Disabling Secure Boot works for now, but hopefully a solution will come soon.

EDIT: I found a solution: just reset the Secure Boot keys in your BIOS settings. After doing this Ventoy works with Secure Boot again 🙂

gitdine commented 2 years ago

I think the issue is related to this: https://support.microsoft.com/en-gb/topic/kb5012170-security-update-for-secure-boot-dbx-august-9-2022-72ff5eed-25b4-47c7-be28-c42bd211bb15

eskoONE commented 2 years ago

So what's the deal with it now? I have an old mainboard that hasn't received updates for over 4 years now. Does this mean I have to disable Secure Boot in order to be able to boot Ventoy from now on?

oklokl commented 2 years ago

I recently found a way, if you want to use the latest version, 1.0.80. Clear the secure mode in the BIOS and reboot. (There is an authenticated security key; you need to delete it in the BIOS section.) (For older computers, save something. You should delete it.) (It additionally exists at the bottom of the security mode, and in my case there is a 'clean' menu.)

Do not enter Windows 10. Boot only the BIOS and enter the BIOS.

Then, go back into the BIOS and create a new security.

And boot Windows. No need to log in. And reboot your computer.

And boot from USB. And go into the 'Ventoy' USB. (Then you can manually register the security key in Ventoy. https://www.ventoy.net/en/doc_secure.html)

However, such a method is very cumbersome. Version 1.0.78 seems to be the best.

It's so good that an option was added in version 1.0.80.. I'm a little uncomfortable.

raywdude commented 1 year ago

> EDIT: I found a solution: just reset the Secure Boot keys in your BIOS settings. After doing this Ventoy works with Secure Boot again 🙂

This also worked on a brand new Lenovo laptop. Thanks!

teohhanhui commented 3 months ago

This is the official and correct method:

https://download.lenovo.com/pccbbs/mobiles_pdf/Enable_Secure_Boot_for_Linux_Secured-core_PCs.pdf

> Secure Boot is supported by many Linux distributions and is an important security feature for ensuring that your boot loader and kernel have not been tampered with.
>
> Linux distributions use a Microsoft signed ‘shim’ executable that is then able to verify the subsequent boot stages - that have been signed with the distribution key. The Microsoft signed shim is signed using the “Microsoft 3rd Party UEFI Certificate”, and this certificate is stored in the BIOS database.
>
> Starting in 2022 for Secured-core PCs it is a Microsoft requirement for the 3rd Party Certificate to be disabled by default. This means that for any of these Lenovo platforms shipped with Windows preinstalled an extra step is needed to allow Linux to boot with secure boot enabled.
>
> To enable secure boot to work with Linux we need to enable the “Allow Microsoft 3rd Party UEFI CA” option in the BIOS setup.

AnomSanjaya commented 3 months ago

> To enable secure boot to work with Linux we need to enable the “Allow Microsoft 3rd Party UEFI CA” option in the BIOS setup.

Does it mean the Ventoy GRUB needs the Microsoft 3rd Party UEFI Certificate to be allowed to boot in Secure Boot mode natively?
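Two things in this thread can be checked directly on a machine instead of guessed at: whether a bootloader's hash has been revoked by a dbx update such as KB5012170 (gitdine's comment above), and whether the firmware's db actually contains any certificate entry at all, which is what the "Allow Microsoft 3rd Party UEFI CA" setting from the Lenovo document controls. The following Python script is an added example, not code from this thread or from the Ventoy project. It parses the EFI_SIGNATURE_LIST format that both db and dbx use (the layout and the two signature-type GUIDs are from the UEFI specification) and runs over sample lists constructed inside the block. The hash compared against dbx must be the PE Authenticode hash of the EFI binary, not a plain file hash; the sample hashes here are constructed placeholders, not real revoked entries. On Linux the real variables can be read from `/sys/firmware/efi/efivars/` (the first 4 bytes there are variable attributes and must be dropped); on Windows `Get-SecureBootUEFI -Name dbx` returns the same bytes.

```python
import hashlib
import struct
import uuid
from typing import Iterator, List, NamedTuple, Set

# Signature-type GUIDs defined in the UEFI specification.
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

# EFI_SIGNATURE_LIST header: SignatureType (16-byte GUID, little-endian
# layout), SignatureListSize, SignatureHeaderSize, SignatureSize (uint32 each).
SIGLIST_HEADER_LEN = 28


class SigEntry(NamedTuple):
    sig_type: uuid.UUID
    owner: uuid.UUID   # SignatureOwner GUID that precedes every entry
    data: bytes        # SHA-256 digest or DER certificate, depending on sig_type


def parse_signature_lists(blob: bytes) -> Iterator[SigEntry]:
    """Walk a concatenation of EFI_SIGNATURE_LIST structures (the raw
    contents of db or dbx) and yield each signature entry, validating sizes
    so a truncated or malformed variable fails loudly instead of silently
    yielding partial entries."""
    off = 0
    while off < len(blob):
        if len(blob) - off < SIGLIST_HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < SIGLIST_HEADER_LEN + hdr_size or off + list_size > len(blob):
            raise ValueError("EFI_SIGNATURE_LIST size out of range")
        if sig_size < 16:
            raise ValueError("SignatureSize too small to hold SignatureOwner")
        body = blob[off + SIGLIST_HEADER_LEN + hdr_size: off + list_size]
        if len(body) % sig_size:
            raise ValueError("list body is not a multiple of SignatureSize")
        for i in range(0, len(body), sig_size):
            sig = body[i:i + sig_size]
            yield SigEntry(sig_type, uuid.UUID(bytes_le=sig[:16]), sig[16:])
        off += list_size


def is_well_formed(blob: bytes) -> bool:
    try:
        list(parse_signature_lists(blob))
        return True
    except ValueError:
        return False


def revoked_sha256_hashes(dbx: bytes) -> Set[str]:
    """Hex digests of every EFI_CERT_SHA256 entry in dbx."""
    return {e.data.hex() for e in parse_signature_lists(dbx)
            if e.sig_type == EFI_CERT_SHA256_GUID and len(e.data) == 32}


def is_hash_revoked(dbx: bytes, authenticode_sha256_hex: str) -> bool:
    """True if the given PE Authenticode SHA-256 hash is blocked by dbx."""
    return authenticode_sha256_hex.lower() in revoked_sha256_hashes(dbx)


def x509_entries(db: bytes) -> List[bytes]:
    """DER blobs of every EFI_CERT_X509 entry in db (empty list means no CA,
    e.g. the third-party CA toggle is off and only hash entries remain)."""
    return [e.data for e in parse_signature_lists(db) if e.sig_type == EFI_CERT_X509_GUID]


def build_signature_list(sig_type: uuid.UUID, owner: uuid.UUID, sigs: List[bytes]) -> bytes:
    """Serialize one EFI_SIGNATURE_LIST; used here only to construct samples."""
    sig_size = 16 + len(sigs[0])
    body = b"".join(owner.bytes_le + s for s in sigs)
    return sig_type.bytes_le + struct.pack("<III", SIGLIST_HEADER_LEN + len(body), 0, sig_size) + body


# --- Constructed sample data (placeholders, not real firmware contents) ---
SAMPLE_OWNER = uuid.UUID("00000000-0000-0000-0000-00000000dead")
REVOKED_HASH = hashlib.sha256(b"constructed: revoked bootloader").hexdigest()
OTHER_REVOKED = hashlib.sha256(b"constructed: another revoked image").hexdigest()
OK_HASH = hashlib.sha256(b"constructed: still allowed bootloader").hexdigest()
FAKE_CERT_DER = b"\x30\x82\x00\x04constructed-placeholder-not-a-real-certificate"

SAMPLE_DBX = build_signature_list(EFI_CERT_SHA256_GUID, SAMPLE_OWNER,
                                  [bytes.fromhex(REVOKED_HASH), bytes.fromhex(OTHER_REVOKED)])
SAMPLE_DB = build_signature_list(EFI_CERT_X509_GUID, SAMPLE_OWNER, [FAKE_CERT_DER])


if __name__ == "__main__":
    print("dbx entries:", len(revoked_sha256_hashes(SAMPLE_DBX)))
    print("revoked?", is_hash_revoked(SAMPLE_DBX, REVOKED_HASH))   # True
    print("allowed?", not is_hash_revoked(SAMPLE_DBX, OK_HASH))    # True
    print("db holds a CA entry:", bool(x509_entries(SAMPLE_DB)))   # True
```

Before the sample DB is trusted, a real check should also confirm which CA the DER blob is (its subject and fingerprint) rather than only that some certificate exists; the parser above deliberately stops at the container format so it stays independent of any crypto library.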