- What Is The “Invalid Signature Detected” Error?
- Ways Where the “Invalid Signature Detected” Error Occurs
- How to Get Rid Of the “Secure Boot Violation Invalid Signature Detected” Error on Windows 10
- Step 1: Set Boot Priority or Disconnect External Drive
- Step 2: Disable Secure Boot Control
- Step 3: Enable CSM and Disable Fast Boot
- Step 4: Set All Keys Under Key Management to Not Installed
- Step 5: Disable Driver Signature Enforcement
- Use Auslogics Driver Updater to Get the Latest Drivers
- Important: Enable the Driver Signature Enforcement Again
Are you facing an error keeping your ASUS computer from booting into Windows? You are stuck in the UEFI screen with a Secure Boot Violation error message that reads, “Invalid signature detected. Check Secure Boot Policy in Setup”.
The problem is not specific to ASUS users. It could also occur on other laptop brands.
Your first reaction, naturally, might be to panic. No one likes encountering a system issue. But put your mind at ease. Don’t lose hope just yet.
With the troubleshooting steps we’ll provide in this guide, you can fix this error in the comfort of your home or office. So, there would be no need to plan a visit to your PC repair expert.
What Is The “Invalid Signature Detected” Error?
The issue began on Windows 7 after the KB3133977 update was released. KB3133977 was meant to fix a problem that prevented drive encryption by BitLocker.
The purpose was achieved, but coincidentally, the update resulted in the “Invalid signature detected” error on ASUS PCs.
This happened because the Secure Boot Technology present in ASUS motherboards is not compatible with some versions of Windows. It is, therefore, not fully enabled on machines running on the OS.
But once the update is installed, Secure Boot gets fully activated. When the PC is turned on, and the detected OS is incompatible with the feature, a boot is prevented, and the Secure Boot Violation error message is displayed.
Although Microsoft later patched the problem, it still exists in later versions of Windows, including Windows 10.
Ways Where the “Invalid Signature Detected” Error Occurs
The error can occur in any of the following scenarios:
- After installing a secondary operating system on your PC (dual boot configuration).
- After flushing or resetting UEFI/BIOS to factory settings.
- After upgrading to a new version of Windows.
- You fixed it in a new HDD or SSD.
- After the Digital Signature Driver Verification (Windows Driver Signature Enforcement) has been enabled.
Whatever the cause, let’s go ahead and see how to fix “Secure boot violation invalid signature detected” on Windows 10.
How to Get Rid Of the “Secure Boot Violation Invalid Signature Detected” Error on Windows 10
Note that the method of accessing the BIOS/UEFI screen will vary based on the brand of your PC. But it usually involves restarting your computer and pressing any of the following keys repeatedly: F1, F2, Fn + F2, or Del. Another way is to click OK on the error message.
Here’s how to fix the “secure boot violation invalid signature detected” error.
Step 1: Set Boot Priority or Disconnect External Drive
If you encountered the “Secure Boot Violation” error when an external drive (whether a hard drive or USB flash drive) was connected to your PC before starting up, access the BIOS/UEFI settings and configure boot priority (boot order).
Ensure the system loads from the internal hard disk or Windows Boot Manager and not from Removable Devices. See that Hard Drive comes first in the Boot order.
To make things easier, turn off the computer, unplug the external drive, and reboot the system.
In any other case, you’ll have to perform the following fixes:
- Disable Secure Boot Control
- Enable CSM and disable Fast Boot
- Set all keys under Key Management to Not Installed
- Disable Driver Signature Enforcement
Step 2: Disable Secure Boot Control
This is often sufficient in resolving the “Invalid signature Detected” error. Here’s what you have to do:
- Enter “BIOS.”
- From the main tab, use the right arrow key (→) to navigate to the “Security” tab, “Authentication” tab, or “Boot” tab. The “Secure Boot” menu is under one (depending on your BIOS/UEFI setup utility). Use the down arrow key (↓) to select the option and press Enter.
- Select “Secure Boot Control.”
- Choose “Disabled.”
Note: There’s another way to disable Secure Boot. If an option says “OS type” in the menu from No.2 above, navigate to it and select “Other OS.” That should do the trick. It doesn’t matter that your PC is running on the Windows operating system.
Step 3: Enable CSM and Disable Fast Boot
After completing the procedure in Step 2:
- Look for the Fast Boot option. It will be located under the “Security,” “Authentication,” or “Boot” tab, depending on your BIOS.
- Select the option and press “Enter.”
- Now, choose “Disable.”
- Move down to “Launch CSM” and choose “Enabled.”
- Go to the “Save and Exit” tab.
- Select “Save Changes and Exit.”
- Choose “Yes” to confirm the action.
Note: You can also save the changes made to the BIOS by pressing F10 on your keyboard. However, this also depends on your device.
When you perform the above fixes, the error in the discussion should now be resolved. However, if it persists, enter BIOS or UEFI once again and try the solutions below.
Step 4: Set All Keys Under Key Management to Not Installed
The “Invalid signature detected” error might happen after UEFI/BIOS update. The boot loader can recognize a mismatch between the operating system and saved keys in this scenario. You’ll then have to reset the keys to fix it.
Here’s how to do so:
- Enter “BIOS” and head to the “Security” tab.
- Locate “Key Management” and select it.
- Set all the keys to “Not Installed.”
If the “secure boot violation invalid signature detected” error isn’t fixed, try the next step below.
Step 5: Disable Driver Signature Enforcement
If the issue persists at this point, there could be unsigned device drivers that conflict with the system protection module.
To resolve this, you’ll have to disable the digital signature verification of drivers.
- To access the recovery environment, boot Windows 10 from the installation media.
- Press “Shift + F10” once the installation screen comes up.
- Now, to permanently disable driver signature enforcement, input the following lines in the Command prompt window and press Enter after each one:
- bcdedit.exe -set load options DISABLE_INTEGRITY_CHECKS
- bcdedit.exe -set TESTSIGNING ON
The system should be able to boot afterward without any setback. You will find a “Test Mode” watermark at the bottom-right corner of your PC screen. This indicates that installing unsigned or unverified drivers is no longer restricted.
You’ll need to locate and remove the unsigned drivers that caused the “Invalid signature detected” error. Follow the steps below to achieve this:
- Press the Windows logo key + R on your keyboard to open the Run dialog.
- Type “sigverif” into the text box, click OK, or press Enter. This will open the “File Signature Verification” utility.
- Click the start button.
- A full-system scan will begin. All unsigned drivers that are installed on your computer will be detected.
- Once the scan is complete, you’ll be presented with a list. Uninstall the problematic drivers through Device Manager and then install a signed version that’s up to date.
Use Auslogics Driver Updater to Get the Latest Drivers
After following the steps above to stop driver signature enforcement and identify unsigned drivers, you can use Auslogics Driver Updater to help you update to the latest, signed versions of those drivers.
- Note the faulty drivers that need updating after disabling driver signature enforcement and discovering unsigned drivers using the “File Signature Verification” program.
- To update the drivers on your Windows computer, install and launch Auslogics Driver Updater. This program will quickly and easily check for outdated drivers and prepare them for updates.
- Initiate a scan with Auslogics Driver Updater. The software will analyze and check for any incompatible or outdated drivers, including the ones you checked as unsigned.
- When the scan is finished, Auslogics Driver Updater will provide a list of the drivers that are no longer up to date. The newest driver version and details about the device’s manufacturer will also be included.
- Determine which drivers were at fault for the “Invalid Signature Detected” error that appeared during the scan. The software will display the drivers that need updates.
- To update your drivers, check the boxes next to their names, and hit the “Update” button.
No doubt, the tool offers a fool-proof service that protects you from experiencing such inconveniences as the “secure boot violation invalid signature” error. Use it today and kiss driver-related issues on your PC goodbye. Ensure your computer is in its best state at all times.
Important: Enable the Driver Signature Enforcement Again
Note: Remember that Driver Signature Enforcement is a critical security protocol. Without it, your system will be under serious safety threats (becoming vulnerable to virus and malware attacks via untrusted drivers).
You, therefore, have to enable the feature once again. Follow these easy steps to get it done:
- Press the Windows logo key + R on your keyboard to open the Run dialog.
- Type CMD in the text box, press Enter, or click OK. This will open the Command Prompt window.
- Enter the following commands and press Enter after each one:
- exe /set nointegritychecks off
- bcdedit /set testsigning off
- Close the window and reboot your computer.
By the time you’re reading this paragraph, it is expected that the issue that led you to this guide should be successfully resolved by the “secure boot violation invalid signature detected” error. You can now use your computer without any more setbacks.
The “Invalid Signature Detected” error on a Windows computer can be frustrating but can be fixed. You can avoid taking your computer to a professional repair shop by following the steps outlined in this guide and fixing the problem.
Keep your software up-to-current, double-check the system date and time, and re-download any necessary files from reliable sources. If the problem persists, it’s best to contact the software provider for help or newer versions of the program.
Furthermore, you can use Auslogics BoostSpeed 13 to ensure your computer runs smoothly. It does this by removing unnecessary files, free up disk space, fixing invalid registry entries, and more. In all, it helps to boost your PC performance.
How to Fix Invalid Signature Detected?
You can do a few things if you’re getting the “Invalid Signature Detected” message on a Windows computer. To ensure the file wasn’t corrupted during the initial download, you should try downloading it again from a reliable source.
You should also keep your OS and antivirus software up-to-date, as using an older version can cause signature verification problems. Also, Incorrect date and time settings might cause signature validation issues. Therefore it’s necessary to check and correct these.
If the error persists, you contact the software provider for assistance or for new software versions.
What Does “Invalid Signature Detected” Mean on a Windows PC?
The “Invalid Signature Detected” error means that the digital signature can’t be validated for files, documents, or programs on a Windows PC. The signature was either not provided, has since expired, or been revoked, or doesn’t correspond to the requested signature, according to the error notice.
When a file’s signature is invalid, it raises red flags that it may have been tampered with or corrupted. The safety and dependability of the file or program depend on fixing this problem.