Article Number: 000126406
Microsoft has released an update (MS16-100 aka KB3172729) for Windows 8.1, Windows 10 RTM, and Windows 10 1511; This update has an update for SecurBook that may cause the EFI boot partition to be mounted as a nonsystem disk, causing Dell Encryption (formerly Dell Data Protection | Encryption) to encrypt the files on that partition. This leads to an error stating that the Operating System Loader Signature is invalid:
Figure 1: (English Only) Operating System Loader Signature is invalid
How can I prevent this?
This can be mitigated completely by adding an exclusion to an EFI folder to Fixed Disk and General setting policies.
-^3F#:\EFI\
This policy when added to the current encryption policies prevent this from occurring. It is suggested to add this to both policies to prevent Common and SDE from affecting these files.
How can I remediate a device in this state?
Figure 2: (English Only) Windows Setup screen
Figure 3: (English Only) Repair your computer
Figure 4: (English Only) Troubleshoot
Figure 5: (English Only) Advanced Options
Figure 6: (English Only) Startup Repair
Figure 7: (English Only) Select Windows 8.1
Figure 8: (English Only) Windows Setup screen
Figure 9: (English Only) Repair your computer
Figure 10: (English Only) Troubleshoot
Figure 11: (English Only) Advanced Options
Figure 12: (English Only) Startup Repair
Figure 13: (English Only) Windows 10 selection
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
Dell Encryption
03 Aug 2023
10
Solution