An option to update the dbx will be included in a future Rufus version https://github.com/pbatard/rufus/commit/fdde687d4681d58b6eaba8e25b1561bea0614eb5 I have a feeling we'll talk about this soonish again.
Hello dear friend. Thank you for your testing and your reports. I really don't know what happen with Micro$oft. It seems that they want, in all ways, that everyone have "updated" PCs to install Windows 11. That certification problem is related to the UEFI/Firmware version of PC Motherboard, so, as @Carlos Detweiller said: "many older machines won't get firmware updates anymore and stay on the old cert forever". This situation is really disappointing. The worst part is when they want people to use their "New" Windows 11, after throwing an "old" PC (according to them), buy another computer, and use a system that has many bugs (with every monthly update), restrictions, and useless stuff (AI, some apps, and more). But this is not the end, some stupid companies, like Autodesk, said that the support for Windows 10 ends this year. So people using Win10-LTSC in a Industry, Avionics, Automotive environments, that use Autodesk Fusion, must now use Windows 11. All because Autodesk wants to comply Microsoft's dictatorship. Totally disgusting. https://www.autodesk.com/support/te...Announcing-End-of-Support-for-Windows-10.html
@abbodi1406 Just an update. 24H2 ISO works without using NTLite custom profile. Used unattended answer file to do quick debug/testing. 23H2 with UpdBootFiles=1 doesn't work with secure boot on HyperV while 24H2 didn't complain at all. Both 23H2 and 24H2 were integrated with March CU 2025. I finally fixed the performance issue on my Ryzen machine. It was due to Windows Hello security not allowing newer Ryzen Chipset driver to removed even using uninstall tool. Used DriverStoreExplorer to wipe out all AMD drivers. Afterwards, I had to remove the PIN and redo fingerprint and Face enrollment with newly initialized TPM/Pluton and now I get a refreshed Windows Hello Sign-In. Also reverted AMD GPU driver to Dec 2024 due to some driver bugs in 25.3.1 WHQL. The NPU took a long to init, broken Mic array driver and Studio effects were super slow. Did a quick test, 24H2 all updates integrated without ISO took 19 mins while 23H2 took 25 mins as opposed to 2-3hrs for Home/Pro editions. Definitely new certs aren't accepted in build 22621 aka 23H2 while 24H2 does fine with and without secure boot. I think Windows 11 must be renamed to Windows Nah edition. Never saw weird bugs while testing Windows 10 Insider Builds on crappy pentium dual core than on certified Win 11 Business PC. EDIT: Re-did 23H2 with latest safe os and setup dynamic updates. Now you can enable secure boot post install in VMs and disable it during pre-install which fixes the dreaded error 0xc000000f