Windows Secure Boot

Secure Boot is a feature included on UEFI-based computers running Microsoft Windows 8 or Windows Server 2012 and later. It provides a measure of security previously unavailable by ensuring that only trusted software components, signed by Microsoft or the computer manufacturer (OEM), are used during the boot process. That prevents malicious code from being inserted into the pre-boot environment of a system that can't easily be protected against by antivirus and other security software running on the operating system.

UEFI (Unified Extensible Firmware Interface) is a firmware interface standard that replaces the older BIOS (Basic Input/Output System) standard. It provides many new features and capabilities over BIOS and is increasingly being adopted by computer manufacturers. In addition to Secure Boot, it also provides support for GPT partitioned boot disks, faster boot times, and overall increased flexibility. Microsoft requires manufacturers selling computers with Windows 8 or Windows Server 2012 and later pre-installed to include UEFI firmware.

For more information on Secure Boot see the Microsoft article Secure Boot Overview. For more information on UEFI and how it pertains to Windows see the Microsoft article UEFI Firmware.