INFO: Restrictions With Secure Boot

08/29/2024

You might have already come across this in the news, as it affects many other products as well, especially various Linux distributions.

We have previously reported on the nature of the problem. At that time, we emphasized that Miray has no control over these updates, as their timing is entirely determined by Microsoft – as is the case again this time. Due to these updates not being announced in advance, we regret that we were unable to give you any advanced notice.


_______________________________________________________________________________

What Do These Revocations Mean For You?

If Secure Boot is enabled in the UEFI (BIOS) on the systems that have undergone the update, older versions of HDClone (X.4 and older) & HDShredder (6 and older) acan no longer be started in the self-booting variants. Instead, an error message will appear from the UEFI firmware. This issue does not affect the use in Windows (.exe).

Because these changes were made tacitly to the UEFI firmware as part of a Windows update, you may find that these changes have already been implemented on your system any intentional adjustments having been made. For more details on the technical specifics, please read below.
_______________________________________________________________________________

Possible Solutions

Solution 1: Disable the UEFI Firmware Secure Boot

To continue self-booting starts of HDClone X.4 or HDShredder 6 (and earlier versions), you will need to disable Secure Boot on the affected systems.

Below, we explain how Secure Boot works and what impact disabling it will have on the self-booting versions.

Solution 2: Update your HDClone and HDShredder licenses

By updating/upgrading to the newest versions, you'll regain the ability to self-boot the programs with Secure Boot enabled. Additionally, you will be able access and enjoy all of newest features. For more, please check out these documents:

HDClone X.5 Feature Summary.
HDShredder 7 Feature Summary
_______________________________________________________________________________

Although we have no control over blocking of the bootloaders, we are committed making the update process as easy as possible for you. Now through September 5, 2024, we are offering 10% off of any HDClone X.5 or HDShredder 7 update/upgrade!
_______________________________________________________________________________

Use the Update & Upgrade Configurator to choose your enhancement, then add the respective coupon code at checkout:

For HDClone X.5: UPDATE2HDCX5
For HDShredder 7: UPDATE2HDS7

*) Valid through 09/05/2024. Only one discount per purchase. Cannot be combined with other offers or codes.
_______________________________________________________________________________

Technical Background

Most modern UEFI systems come with a Secure Boot mode. Secure Boot ensures that only trusted operating systems can be run on these systems. The trustworthiness of the operating systems is verified by a bootloader that is signed by Microsoft, whom acts as a "gatekeeper" for Secure Boot certificates.

Without a bootloader, each Secure Boot signature would need to be manually saved to the UEFI setup of every individual system. While this is possible from a purely technical standpoint, it would require a considerable degree of effort, which is not feasible, especially for portable or infrequently used, bootable tools.

Microsoft has now decided to revoke many bootloaders with older signatures, as they are considered potentially vulnerable and could therefore compromise the Secure Boot mechanism. Technically, this revocation is implemented through a Windows update, which also updates the system's UEFI without the user being explicitly notified.

Because this change not only affects Windows itself, but also the entire system and other operating systems that are run on it, many users were unexpectedly confronted by the change last week.