none
Windows UEFI Firmware Update

    Question

  • Hello,

        When develpoing the function, I have created an ESRT table already. Is there someone helping to clarify following

    - What kind of behavior on Secure Boot enabling system?

    - before updating the firmware, it mentions there's a "Verify" process, is it done by Windows? who will pass the payload to UEFI UpdateCapsule function? is it Windows loader or system firmware?

    - if the payload is passed by Windows loader. how's the MS firmware update driver relationship with secured boot?

    Note: I can firmware update succeed with test sign key on "secured boot" disabling system, but fail with company digitall sign on "secured boot" enabling system.


    Terence Liu


    Tuesday, May 26, 2015 6:32 AM

Answers

All replies

  • I'd try them over here.

    https://social.msdn.microsoft.com/Forums/windowsdesktop/en-US/home?category=windowsdesktopdev

     

     

     


    Regards, Dave Patrick ....
    Microsoft Certified Professional
    Microsoft MVP [Windows]

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Tuesday, May 26, 2015 9:38 AM
    Moderator
  • hi Terence Liu:

                           you say that you can succeed with test sign key on "secured boot" disabling system. can you share this? I update the device firmware fail.with the error code 10.

    fail status is that:

    Indicates a revision number encountered or specified is not one known by the service. It may be a more recent revision than the service is aware of.

    I see in the spec that "sign the contents of the capsules as per instructions in section 5.2.3 signing the capsule".

    Is it necessary to sign the capsule?

    Thursday, September 29, 2016 7:29 AM