UEFI CA 2023 Updater & Verification tools (No ADK) / iso or USB

Discussion in 'Scripting' started by pm67310, Jan 28, 2026.

  1. vigipirate

    vigipirate MDL Senior Member

    Feb 24, 2011
    445
    108
    10
    thank you sir pm67310 for iso
     
  2. pm67310

    pm67310 MDL Guru

    Sep 6, 2011
    3,875
    3,149
    120
    No need original english iso + french patch
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. kyrcy

    kyrcy MDL Senior Member

    Feb 25, 2020
    312
    32
    10
    #43 kyrcy, Jun 14, 2026
    Last edited: Jun 21, 2026
    @pm67310
    If I try Rufus with an ISO from Microsoft the following warning appears:

    Rufus detected that the ISO you have selected contains a UEFI bootloader that has been revoked and that will produce a "Security Violation" screen, when Secure Boot is enabled on a fully up to date UEFI system.
    - If you obtained this ISO image from a non reputable source, you should consider the possibility that it might contain UEFI malware and avoid booting from it.
    - If you obtained it from a trusted source, you should try to locate a more up to date version, that will not produce this warning.

    There is not a more up to date version of the ISO.

    If I run this script, select the ISO and Verify Signature (2011 vs 2023), I get:

    Certificate (Issuer CN) detected: Microsoft Windows Production PCA 2011 OUTDATED: Bootloader signed by 'Microsoft Windows Production PCA 2011'.

    If I perform a media update, select Windows_UEFI2023.iso and Verify Signature (2011 vs 2023), I get:

    Certificate (Issuer CN) detected: Windows UEFI CA 2023 VALID: Bootloader signed by 'Windows UEFI CA 2023'.

    However, if I try Rufus again with Windows_UEFI2023.iso, the same message as above appears.

    Shouldn't the script fix this problem?