Event ID 1798 occurs when an attempt is made to add the Microsoft Windows Production PCA 2011 certificate; this is an old and less secure certificate compared to UEFI CA 2023. In this post, we will share how you can fix the issue.
To prevent the DBX list from being outdated and causing potential security issues, the secure boot update fails automatically. DBX is the forbidden signatures database, a database of signatures that are forbidden from running during the boot process, and is a part of the UEFI secure boot.
What does Event ID 1798 mean?
Event ID 1798 does not harm your PC. It simply means that your PC’s security measures are working correctly. However, it can mean that some outdated signatures may have run during the boot process. Fixing event ID 1798 typically requires a firmware update and UEFI CA 2023 Certificate installation.
Fix Event ID 1798, The Secure Boot Dbx update failed to revoke Microsoft Windows Production PCA 2011
The two fixes recommended for the Event ID 1798 are
- Update PC Firmware
- Add Windows UEFI CA 2023 to DB
Make sure to use an admin account.
1] Update PC Firmware
Updating PC firmware installs all the latest secure boot certificates and updates the DB. Firmware updates can be found in the optional updates in Windows settings; here’s how to update it:
- Open Windows Settings.
- In the Settings, head to the Windows Update section from the left pane.
- Now, open Advanced options, then open Optional Updates.
- In the Optional Updates, you will see a firmware update if available.
- Select it, and click Download and Install.
Your PC will reboot automatically to install the firmware update.
Read: Secure Boot Violation, Invalid signature detected in Windows
2] Add Windows UEFI CA 2023 to DB
You can add the Windows UEFI CA 2023 Certificate to DB, which is the updated version of the Microsoft Windows Production PCA 2011, and will fix the issue caused by event ID 1798. This can be done through the Registry Editor. Here’s how:
- Open the Registry Editor by searching for it in the Windows Start menu.
- Now, in the Registry Editor, navigate to the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot
- Find the entry titled AvailableUpdates and double-click it.
- Now, change the Value Data to 0x40 and save it.
- Reboot your PC to apply the DB update.
Read: How to take a Registry Backup in Windows
We hope that you found this article helpful and were able to fix event ID 1798. Remember, it is highly recommended that you take a backup of crucial files before updating the firmware.
Related: Event ID 1034 or 1036: Secure Boot DBX update applied successfully
What is Secure Boot DBX update?
This update adds new modules to the Secure Boot Forbidden Signature Database (DBX), preventing UEFI modules from loading. However, a security vulnerability in Secure Boot might allow attackers to bypass the security feature and load untrusted software.
Related: Event ID 1037, Secure Boot DBX update to revoke Microsoft Windows Production PCA 2011 is applied successfully
Is a Secure Boot necessary?
“Secure Boot” is a security feature that only allows trusted software to run, protecting your system from malware and cyber threats.
