MSI has assured Reddit users that it will soon roll out a fix for the Secure Boot bug affecting numerous motherboards from AMD and Intel. New firmware fixes errors and enforces stricter security settings.
A recent discovery showed that MSI accidentally disabled Secure Boot’s functionality through a minor firmware glitch. The manufacturer configured the “Image Execution Policy” setting to “Always Run”, rendering Secure Boot useless with the current default settings. As a fix for the mistake, MSI deploys new firmware that utilizes “deny execute” as the default setting.
MSI issued the following statement: MSI Gaming Subreddit (opens in new tab):
“MSI has implemented a secure boot mechanism in its motherboard products following the design guidance defined by Microsoft and AMI prior to the launch of Windows 11. With Secure Boot enabled and ‘Always Run’ as the default setting, users can It provides multiple friendly end-users with the flexibility to build PC systems with thousands (or more) of components, including embedded option ROMs with OS images, for higher compatibility configurations. increase. You can manually set the “Image Execution Policy” as “Deny Execution” or other options to meet your security needs. “
“Following reports of security concerns with preconfigured BIOS settings, MSI deploys new BIOS files for motherboards with ‘Deny Execute’ as the default setting for higher security levels. MSI also retains a fully functional secure boot mechanism, included in the BIOS for end-users to modify as needed.”
MSI’s new firmware fully restores Secure Boot functionality, but users can still enter the BIOS and tinker with individual settings. Unfortunately, motherboard vendors have not specified an exact date when the new firmware will be available to users. However, given the severity of the issue, it shouldn’t be long before the rollout begins.
