|Created date||Updated date||Affects version||Fix version|
|Drive Eraser - 7.8.1 SB (and newer)||N/A|
Some devices may fail to boot Blancco Drive Eraser if "Allow Microsoft 3rd Party UEFI CA" is not enabled or "Enable MS UEFI CA Key" BIOS/UEFI option is disabled under the Secure Boot settings.
This setting is named differently between the vendors but is normally located under Security and specifically Secure Boot settings section. Refer to below screenshots to identify the setting for different vendors:
This issue affects most of the latest generation devices and some examples listed below:
|Make||Model||Setting to allow booting Secure Boot enabled|
|Lenovo||X1 Yoga||Allow Microsoft 3rd Party UEFI CA - On|
|Lenovo||ThinkPad T14 Gen 3||Allow Microsoft 3rd Party UEFI CA - On|
|HP||ProBook 650 G8||Enable MS UEFI CA key - checkbox selected|
|Dell||Latitude 5540||Enable Microsoft UEFI CA Key - On|
|Dell||Latitude 7310||Enable Microsoft UEFI CA Key - On|
If Microsoft 3rd party UEFI CA is not allowed/enabled it is not possible to authenticate the Drive Eraser ISO leading the booting to fail.
This is due to a Microsoft requirement which instructs vendors to disable 3rd party certificates by default on newer devices.
Lenovo offers an official statement for this behavior.
If Secure Boot cannot be fully disabled make sure that the Microsoft 3rd party UEFI CA is allowed/enabled to successfully boot Drive Eraser.