The Secure Boot feature in Windows 11/10/8.1/8, assures a user that his PC boots using only firmware that is trusted by the manufacturer and no one else. So, if there are any incorrect configurations, end users might be presented with SecureBoot isn’t Configured Correctly watermark in the bottom right corner of your desktop.
Why does this feature assume importance? Well, when the Secure Boot is activated on a PC, the PC checks each piece of software, including the option ROMs, UEFI drivers, UEFI apps, and the operating system, against databases of known-good signatures maintained in the firmware. If each piece of software is valid, the firmware runs the software and the operating system. Unauthorized software such as rootkit viruses is prevented from running.
So if you see the Secure Boot isn’t configured watermark correctly on the desktop, it probably indicates that the Windows Secure Boot feature has either been disabled or hasn’t been set up on your PC. The problem wasn’t known much until early Windows adopters started switching to the latest Windows 8.1 update available for free from the Windows Store.
Read: What is Secure Boot, Trusted Boot, Measured Boot.
Secure Boot isn’t configured correctly in Windows
A handful of users started getting Secure Boot Isn’t Configured Correctly message after upgrading to a newer Windows version. Even though no workaround has been made available right now, Microsoft offers a few instructions to get the problem fixed.
First, you need to check to see if Secure Boot has been disabled in the BIOS, and in case it is, re-enable it. Then, you should try resetting the BIOS back to factory settings, and in case this doesn’t work, you could try resetting your PC back to factory state and then re-enable Secure Boot.
Read: How to Secure the Windows Boot Process.
Disable or Enable Secure Boot in Windows
While I do not recommend that you disable Secure Boot, if the option is present on your system, should you wish to, you can disable Secure Boot, by tweaking your BIOS. Using Advanced Options in Windows, click on UEFI Firmware Settings and restart your PC. Now in your BIOS settings screen, in your motherboards UEFI settings, you will see the option to enable or disable Secure Boot, somewhere under the Security section.
View and Check the Event Viewer
To find out the possible reasons, you could check out the Windows Logs. The Windows Event Viewer shows a log of application and system messages – errors, information messages, and warnings.
- Go to View Event Logs > Applications and Services Logs
- Next, choose Microsoft from the Right-pane and then Windows.
- Now, under Microsoft select the Windows folder and search for Verify HardwareSecurity > Admin.
Then, look for either of these logged events:
- Secure Boot is currently disabled. Please enable Secure Boot through the system firmware. (The PC is in UEFI mode, and Secure Boot is disabled.) or
- A non-production Secure Boot Policy was detected. Remove Debug/PreRelease policy through the system firmware. (The PC has a non-production policy.)
You can also use PowerShell commands to check the status.
To see if Secure Boot is disabled, use the PowerShell command: Confirm-SecureBootUEFI. You’ll get one of these responses:
- True: Secure Boot is enabled, and the watermark won’t appear.
- False: Secure Boot is disabled, and a watermark will appear.
- Cmdlet not supported on this platform: The PC may not support Secure Boot, or the PC may be configured in legacy BIOS mode. The watermark won’t appear.
To see if you have a non-production policy installed, use the PowerShell command: Get-SecureBootPolicy. You’ll get one of these responses:
- {77FA9ABD-0359-4D32-BD60-28F4E78F784B}: The correct Secure Boot policy is in place.
- Anything other GUID: A non-production Secure Boot policy is in place.
- Secure Boot policy is not enabled on this machine: The PC may not support Secure Boot, or the PC may be configured in legacy BIOS mode. The watermark won’t appear.
Source: TechNet.
How do I fix Secure Boot isn’t configured correctly?
To fix Secure Boot isn’t configured correctly error, you need to enable Secure Boot from BIOS. Depending upon the motherboard, you can find this setting in different locations. However, almost all modern-day motherboards come with the Secure Boot switch so that users can enable or disable the setting when needed.
How do you fix Secure Boot isn’t configured correctly Insider Build?
To fix Secure Boot isn’t configured correctly on Build 9600 error, you must enable the Secure Boot setting from the BIOS. If it is already enabled on your computer, you need to verify whether your PC detects the change or not. For that, you can open Event Viewer and go to Applications and Services Logs. Here you can find the Windows folder under Microsoft. Then, expand the VerifyHardwareSecurity section and click on the Admin option. Here it shows whether Secure Boot is turned on or off.
NOTE: Microsoft has released an Update – KB2902864, which removes the “Windows Secure Boot isn’t configured correctly” watermark.
Thank you Anand – simple Bios change fixed the problem for me.
Now I just have to find a way to fix the frequent blue screen “driver_IRQL_not_less_or_equal(netio.sys)” and Win 8.1 will be working properly.
Bit surprised such problems were not fixed with the beta version?
Graham (Australia)
Not much information is give about this Stop Error MSDN here http://msdn.microsoft.com/en-us/library/ff559337.aspx. Hope this generic guide helps you however https://www.thewindowsclub.com/windows-7-stop-errors-or-blue-screens-guide.
@gbjohnson:disqus . If Mcafee is installed uninstall it then use its removal tool. From here http://service.mcafee.com/FAQDocument.aspx?id=TS101331. Download is 1/2 way down
Mcafee is a known cause of that stop error esp with that file
Thank you Paul – yes I read that – I’m using Norton 360.
Must be some driver not happy with 8.1.
Haven’t found which yet – to do with netio.sys
DriverMax pointed out a few to update but no sign of netio.
Graham.
What version of Norton 360 is installed?? Because, V3 isnt compatible with Windows 8 or 8.1.
According to this http://www.microsoft.com/en-us/windows/compatibility/CompatCenter/ProductDetailsViewer?Name=Norton%20360&vendor=Symantec&ModelOrVersion=3&Type=Software&tempOsid=Windows+8
I would say Norton’s is the cause. Looks like the only version that is compatible is Version 21. http://www.microsoft.com/en-us/windows/compatibility/CompatCenter/ProductDetailsViewer?Name=Norton%20360&vendor=Symantec&Locale=2052%2C1033%2C2057%2C3081%2C4105%2C16393&ModelOrVersion=21&BreadCrumbPath=norton%20360&LastSearchTerm=norton%2B360&Type=Software&tempOsid=Windows%208.1
I’ve always got the latest version. Thanks.
I think I need to find out how to update the ‘netio.sys’ that is mentioned in the driver error message. If it is part of Win it will eventually come right I expect. We just like to have things work properly don’t we?
I would get something like bluescreenview. http://www.nirsoft.net/utils/blue_screen_view.html. Install / run it. What does it say is the cause?
The prob files will be highlighted. Quite possible your wireless/ethernet drivers are crashing netio.sys.
Even tho netio.sys is crashing, it doesn’t mean it’s the cause of the crash.
Something is making it crash. Whats the specs of your system?? Look in device manager under network adapters. What’s the name/brand of the network adapters here?
Or dbl click on the network adapters / then go to the details tab. Change it to hardware id’s. Copy and paste a line in here or in Google. It’ll tell you what the device is (like realtek/atheros etc)
Drivermax wont find a netio.sys update its a windows file.
Not a device driver (ie: for a wireless / network adapter).
You may have to find out what your wireless / ethernet drivers are (like realtek/atheros etc), (depending on which one you’re using when it crashes). Then update the drivers.
That was interesting – will have to wait till it crashes again as no minidump files exist – presumably I’ve been cleaning things too well. (I’ve looked in the file – it’s empty).
Looks like that bluesreenview program ought to solve the mystery tho. Thank you.
My ASUS R701VZ was working fine till 8.1 update.
Adaptors: Intel(R) Centrino(R) Wireless-N2230 (driver updated 22/8/13) and Qualcomm Atheros AR8161 PCI-E Gigabit Ethernet Controller (NDIS6.30) (driver 1/4/13)
Rolling the 1st back may fix it too? Or update the 2nd.
Yup if u use ccleaner it can delete the dmp / memory dump files. You can untick the option under ccleaner / windows. I’ve read on a few sites some Intel wireless drivers are known to crash. Did you update from 8 or do a clean install of 8.1??
Try these for the wireless
https://downloadcenter.intel.com/Detail_Desc.aspx?agr=Y&DwnldID=23327&lang=eng&OSVersion=Windows%208*&DownloadType=Software%20Applications
Looks like theyre dated 21/10/13. They may include the BT drivers are well?
Altho it says for OEM check the manufacturer’s site (the link below)
Did you install the wireless drivers from the ASUS site? http://support.asus.com/download.aspx?SLanguage=en&p=3&s=392&m=R701VZ&os=&hashedid=n%2fa or are you using the drivers Win 8.1 installed?
The ASUS drivers seem to be later than 22/8/13 (theyre from 12/10/13)
Looks like the drivers from the ASUS site may include the wireless and the LAN drivers?? Cant see any LAN drivers on the ASUS site
For the ethernet / LAN try dbl clicking on the entry in device manager, update it through windowsupdate. See if it picks a later driver up
If you updated the wireless drivers before, did it crash before if youre asking to roll them back?
I’ve unticked the cleaners (Toolwiz Care also – I’ve tried lots of things lately). Those new ASUS drivers have just appeared for 8.1 – I had been looking there. Thanks again. Went to 8.1 as an update – didn’t lose anything. No previous crashes – just thinking of 8.1 incompatibility – silly really.
I just opened lots of tabs in 6 browsers as simultaneously as possible TRYING TO CRASH so I can run bluescreenview! It didn’t. Think I’ll wait for a crash before updating drivers. Had plenty of crashes yesterday…..
Thank you very much for your help Paul – I’m sure we’re close.
Funny thing happened yesterday Anand when I went down those tracks – ended up with a starting loop (from running ‘verify.exe’) – was a bit worrying for awhile! Went into F9, advanced options, startup settings, ‘safe mode’, disabling Norton then turned off ‘auto restart’ – got control again – thank goodness. Good experience though!
Anytime Graham :) There (maybe) entries in event viewer when it crashed. But it may only show netio.sys as the cause.
If you want, next time it crashes, I could use teamviewer http://www.teamviewer.com to check it out. Its like remote desktop, but the person at the other end can see what the helper is doing. And you can also xfer / files and chat
Then we’ll see what bluescreenview brings up (and hopefully) it’ll show the other files that are making netio.sys crash. And then we can go from there. Anyway let me know, and I’ll post my email addy here. Unless you’ve got something like Skype, I’ll add you. To make it easier to communicate
Looks like MS have now released a fix for this prob. As of 28/10/2013
http://support.microsoft.com/kb/2902864
Couple of graphics driver updates via Windows Update yesterday too – the 1.8 wrinckles will gradually be ironed out – early days yet. Plus the makers ones – eg ASUS.
So I take it it hasnt crashed yet / again?
Just thought I’d clean up some startup item before I replied Paul then bingo – it crashed!
Bluescreen view worked this time:- (top line) =
103113-56359-01.dmp 31/10/2013 11:41:20 AM DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 00000000`00000008 00000000`00000002 00000000`00000000 fffff800`01396909 NETIO.SYS NETIO.SYS+17909 Network I/O Subsystem Microsoft® Windows® Operating System Microsoft Corporation 6.3.9600.16384 (winblue_rtm.130821-1623) x64 ntoskrnl.exe+14dca0 C:WindowsMinidump103113-56359-01.dmp 8 15 9600 293,664 31/10/2013 11:43:36 AM
Network I/O subsystem to blame apparently. That = the network adaptors? Their drives were just updated by WinUpdate yesterday.
I’m off to the dientist soon – will have to play later.
netio.sys is a network related file, but its not part of network adapters.
Are there any other files highlighted in pink? It may show netio.sys as the cause up the top. Look at the bottom see what files are highlighted in pink (or in bold). What network adapter are you using to get online, ethernet or wireless? What startup entries did you delete?
And WHEN does it usually crash?? With netio.sys if you use something like file sharing programs, it’ll crash too
If you want zip that dmp file send it to speedytheneedyatgmail.com. I’ll put it thru BSV here. So I can see what else is installed. Replace at (obviously) with @
Just replied to ur email Graham
Is Toolwiz care and B safe installed?? Because according to the site
http://www.toolwiz.com/products/toolwiz-bsafe/ it says
3) Do not install both ToolWiz Care and ToolWiz BSafe in the
same PC.
Is Toolwiz care and B safe installed?? Because according to the site
http://www.toolwiz.com/product… it says
3) Do not install both ToolWiz Care and ToolWiz BSafe in the
same PC.
Back from the dentist……………….
I DO have a lot of things installed that I try out so have not been all that worried – have been gradually stopping them – however most don’t start themseves.
I see things recommended on ‘Giveaway of the day’ & try them out for fun/interest.
Norton 360 is my main security, I buy that – no other Norton item altho it recently updated to a new version so could have problems. I’d rather leave that on & get rid of the others 1st.
‘Toolwiz Care’ only -. ‘Wise Care 365’ is another one. ‘Baido PC Faster’ also – haven’t used it yet but it put itself on the startup – now gone. ‘Iobit Malware Fighter’ has been running.
I’ll now delete these & see what happens. One of them, or the new Norton version is likely the cause.
Hope you haven’t been tearing your hair out Paul………………