How can bypass secure boot enable for gpupdate /force?

Question

We are using windows 10 client machine and windows server 2019.

In Windows 10 and windows server 2019 , while gpupdate /force, it showing error as below.

Windows 10 and server 2019 does not support secure boot.

How can bypass secure boot while gpupdate?

Answer 1

Hello

The error message you’re seeing is related to the Secure Boot feature in Windows. Secure Boot is a security standard developed by members of the PC industry to help make sure that your PC boots using only software that is trusted by the PC manufacturer.

However, if you’re facing issues with gpupdate /force and Secure Boot, you might want to consider the following steps:

Update Windows: Ensure that your Windows 10 and Windows Server 2019 are up-to-date. Microsoft released a security update on or after April 9, 2024, which includes mitigations against the Secure Boot bypass. However, these mitigations are not enabled by default.

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

Force Group Policy Update: You can force a Group Policy update using the command prompt or PowerShell. Here are some commands you can try:

1.To refresh both the User and the Computer halves of the Group Policy objects: gpupdate /force

2.To refresh just one half or the other, use this syntax: gpupdate /Target:Computer or gpupdate /Target:User

3.If some policies cannot be updated in the background, gpupdate can log off the current user: gpupdate /target:user /logoff

4.Or restart a computer (if the GPO changes can only be applied when Windows boots): gpupdate /Boot

Please note that disabling Secure Boot can put your device at risk of being infected by bootkit malware. Therefore, it’s recommended to thoroughly review the details and test thoroughly before applying any changes.

Answer 2

Hello

The error message you’re seeing is related to the Secure Boot feature in Windows. Secure Boot is a security standard developed by members of the PC industry to help make sure that your PC boots using only software that is trusted by the PC manufacturer.

 

However, if you’re facing issues with gpupdate /force and Secure Boot, you might want to consider the following steps:

 

Update Windows: Ensure that your Windows 10 and Windows Server 2019 are up-to-date. Microsoft released a security update on or after April 9, 2024, which includes mitigations against the Secure Boot bypass. However, these mitigations are not enabled by default.

 

KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 - Microsoft Support

 

Force Group Policy Update: You can force a Group Policy update using the command prompt or PowerShell. Here are some commands you can try:

1.To refresh both the User and the Computer halves of the Group Policy objects: gpupdate /force

2.To refresh just one half or the other, use this syntax: gpupdate /Target:Computer or gpupdate /Target:User

3.If some policies cannot be updated in the background, gpupdate can log off the current user: gpupdate /target:user /logoff

4.Or restart a computer (if the GPO changes can only be applied when Windows boots): gpupdate /Boot

 

Please note that disabling Secure Boot can put your device at risk of being infected by bootkit malware. Therefore, it’s recommended to thoroughly review the details and test thoroughly before applying any changes.

 

Answer 3

Hello

Is your problem solved?

If the above reply is helpful to you, please mark your reply as an answer, thank you very much!

If you have any further questions, please do not hesitate to contact us.

Thanks