Do you have any issues when you want to install Ubuntu or other Linux distributions on your Microsoft Surface devices? By default, Microsoft has blocked all third party boot loaders from booting off your Surface devices.
To fix this, you will need to disable the secure boot on your Surface so you can install a different operating system or do a clean Windows installation. In this tutorial, we will walk you through how to disable and re-enable Secure Boot on Microsoft Surface Pro 4.
- What is Secure Boot?
- How to disable Secure Boot on Surface Pro 4
- How to re-enable Secure Boot on Surface Pro 4
1 What is Secure Boot?
Secure Boot is a new security feature that available only on PCs that has UEFI enabled to blocks the loading of uncertified bootloaders and drives. It helps to prevent your Surface from being loaded with unauthorized operating systems and malicious software applications. All Surface devices ship with Microsoft’s certificate stored in UEFI to verify boot loader integrity before launching it.
There are three options available in Microsoft Surface Pro 4 UEFI for the Secure Boot setting.
Secure Boot is configured by selecting a Secure Boot certificate keyset. There are three keysets to choose from on this PC.
- Microsoft only: Only boot software signed by Microsoft will execute on the PC.
- Microsoft & 3rd-party CA:Â Boot software which is signed by Microsoft or the Microsoft Corporation UEFI CA 2011 will execute on the PC. Choose this option for compatibility with 3rd-party UEFI software and drivers.
- None: No keyset is installed and Secure Boot is disabled. Any boot software will execute on the PC. This configuration is not recommeded and should only be used by advanced users.
2 How to disable Secure Boot on Surface Pro 4
To disable secure boot on Microsoft Surface Pro 4:
- Shut down your Surface Pro 4.
- Press and hold the Volume Up button on your Surface, then press and release the Power button.
- When you see the Surface logo screen appear, release the Volume Up button. The Surface UEFI screen will appear in a few seconds.
- Go to the Security page, under Secure Boot section click Change configuration.
You can notice that the current setting for Secure Boot is Enabled.
- On Change Secure Boot configuration dialog, change the option to None, and click OK to apply the option.
- Now the current setting of Secure Boot will be changed to Disabled.
- Now go to the Exit page, and click Restart now to save the settings and restart your Surface.
- After rebooting, if you see a red bar with an unlock icon in the middle, it means the Secure Boot is successfully disabled.
3 How to re-enable Secure Boot on Surface Pro 4
When you finish your OS installation, you should re-enable the Secure Boot option to protect your Surface from malware and to remove the red bar on your device’s boot screen when it startup. To do so:
- Follow all the steps above to go to the Security page.
- Make sure to select Microsoft only if your current OS is Windows 10, and click OK.
- Now go to the Exit page, and click Restart now to save the settings and restart your Surface.
For more information, check our article on how to configure Surface Pro 4 UEFI here.
More on Surface Pro 4 Tips & Tricks
Here are some related articles for Microsoft Surface Pro 4 tips & tricks you might want to read:
How to Enable Battery Limit Feature on Microsoft Surface
In this article, we will walk you through how to enable and verify the battery limit feature on supported Surface devices.
The 3 easy ways to adjust screen brightness on Surface Pro
Are you getting stuck to lower, increase, turn up, brighten, or change screen brightness on your Surface Pro? In this tutorial, we will show you the 3 easy ways to adjust screen brightness on your Surface Pro.
Ultimate Tips to Max Out Microsoft Surface Battery Life
This is the ultimate tips to max out your Microsoft Surface battery life as long as possible when you are in the class, meeting or working on the site.
Microsoft Surface battery capacity – a complete list
In this guide, you will learn how to convert your Surface battery capacity in mWh to mAh and know about battery information of all Surface models.
How to Download Microsoft Surface Drivers and Firmware
Here we have a list of all download links for each Surface tablet, laptop, PC, and accessories. It is really easy to download and install the latest drivers and firmware on Microsoft Surface devices.
How to download official recovery image for Microsoft Surface
In this article, you will find out how to download a right recovery image to create a recovery drive for resetting your Microsoft Surface device.
COMMENTS
Let us know what you think!
We appreciate hearing your thoughts, questions, and ideas about “Here’s how to disable secure boot on Microsoft Surface Pro 4”.
i’ve been trying all the step to reboot my Surface pro 4 but nothing is happening.. it turn to red bar and unlocked icon for a couple of days now..
Hi Mike,
If you can boot to Windows, you should boot to Surface UEFI via Windows Recovery Settings, as I detailed in the https://surfacetip.com/remove-red-bar-surface-boot-screen/.
There is also another approach that you use to boot to UEFI by using Recovery USB. When you can boot to USB, you can use the recovery mode to boot into UEFI and turn on the Secure boot to remove the red bar.
Here are some resources you may want to review to get your Surface boot from USB:
– How to create Recovery Drive: https://surfacetip.com/reset-surface-using-usb-recovery-drive/
– How to boot from USB: https://surfacetip.com/surface-pro-boot-from-usb/