Are you facing an error keeping your ASUS computer from booting into Windows? You are stuck in the UEFI screen with a Secure Boot Violation error message that reads, “Invalid Signature Detected. Check Secure Boot Policy in Setup”.

The problem is not specific to ASUS users. It could also occur on other laptop brands.

Your first reaction, naturally, might be to panic. No one likes encountering a system issue. But put your mind at ease. Don’t lose hope just yet.

With the troubleshooting steps we’ll provide in this guide, you can fix this error in the comfort of your home or office. So, there would be no need to plan a visit to your PC repair expert.

What Is The “Invalid Signature Detected” Error?

The issue began on Windows 7 after the KB3133977 update was released. KB3133977 was meant to fix a problem that prevented BitLocker from encrypting drives.

The purpose was achieved, but coincidentally, the update resulted in the “Invalid Signature Detected” error on ASUS PCs.

This happened because the Secure Boot Technology present in ASUS motherboards is not compatible with some versions of Windows. It is, therefore, not fully enabled on machines running on the OS.

But once the update is installed, Secure Boot gets fully activated. When the PC is turned on, and the detected OS is incompatible with the feature, a boot is prevented, and the Secure Boot Violation error message is displayed.

Although Microsoft later patched the problem, it still exists in later versions of Windows, including Windows 10.

Ways Where the “Invalid Signature Detected” Error Occurs

The error can occur in any of the following scenarios:

  • After installing a secondary operating system on your PC (dual boot configuration).
  • After flushing or resetting UEFI/BIOS to factory settings.
  • After upgrading to a new version of Windows.
  • You fixed it in a new HDD or SSD.
  • After the Digital Signature Driver Verification (Windows Driver Signature Enforcement) has been enabled.

Whatever the issue, let’s explore how to resolve the ‘Secure Boot Violation: Invalid Signature Detected’ error on Windows 10.


Also Read: Optimizing SSD to Increase Performance (Windows Tweaks)


How to Get Rid Of the “Secure Boot Violation: Invalid Signature Detected” Error on Windows 10

To fix the issue, you’ll need to head to BIOS or UEFI (depending on the one your laptop uses. The latter is present in more modern computers) and make some adjustments.

Note that the method of accessing the BIOS/UEFI screen will vary based on the brand of your PC.

However, it usually involves restarting your computer and repeatedly pressing F1, F2, Fn + F2, or Del. Another way is to click OK on the error message.

Here’s how to fix the “Secure Boot Violation: Invalid Signature Detected” error. 

Method 1: Set boot priority or disconnect the external drive

If you encountered the “Secure Boot Violation” error when an external drive (whether a hard drive or USB flash drive) was connected to your PC before starting up, access the BIOS/UEFI settings and configure boot priority (boot order). 

Ensure the system loads from the internal hard disk or Windows Boot Manager and not from Removable Devices. See that Hard Drive comes first in the Boot order.

To make things easier, turn off the computer, unplug the external drive, and reboot the system.

In any other case, you’ll have to perform the following fixes:

  • disable secure boot control
  • enable CSM and disable fast boot
  • set all keys under key management to “not installed”
  • disable driver signature enforcement

Method 2: Disable secure boot control

This is often sufficient in resolving the “Invalid Signature Detected” error. Here’s what you have to do:

  • Enter BIOS.
  • From the main tab, use the right arrow key to navigate to the Security tab, Authentication tab, or Boot tab. The Secure Boot menu is under one (depending on your BIOS/UEFI setup utility). Use the down arrow key to select the option and press Enter.
  • Select Secure Boot Control.
  • Choose Disabled.

Note
There’s another way to disable Secure Boot. If an option says OS type in the menu from No.2 above, navigate to it and select Other OS. That should do the trick. It doesn’t matter that your PC is running on the Windows operating system.
 

Method 3: Enable CSM and disable fast boot

After completing the procedure in method 2:

  • Look for the Fast Boot option. Depending on your BIOS, it will be located under the “Security,” “Authentication,” or Boot tab.
  • Select the option and press Enter.
  • Now, choose Disable.
  • Move down to Launch CSM and choose Enabled.
  • Go to the Save and Exit tab.
  • Select Save Changes and Exit.
  • Choose Yes to confirm the action.

Note
You can also save the changes made to the BIOS by pressing F10 on your keyboard. However, this also depends on your device.
 

When you perform the above fixes, the error in the discussion should now be resolved. However, if it persists, enter BIOS or UEFI once again and try the solutions below.


Also read: What is BIOS Whitelist, and Should I Remove it from My PC?


Method 4: Set all keys under key management to not installed

The “Invalid Signature Detected” error might happen after UEFI/BIOS update. The boot loader can recognize a mismatch between the operating system and saved keys in this scenario. You’ll then have to reset the keys to fix it.

Here’s how to do so:

  • Enter BIOS and head to the Security tab.
  • Locate Key Management and select it.
  • Set all the keys to Not Installed.

If the “Secure Boot Violation: Invalid Signature Detected” error isn’t fixed, try the next step below. 

Method 5: Disable driver signature enforcement

If the issue persists at this point, unsigned device drivers could conflict with the system protection module.

To resolve this, you’ll have to disable the digital signature verification of drivers.

Here’s how:

  • To access the recovery environment, boot Windows 10 from the installation media.
  • Press Shift + F10 once the installation screen comes up.
  • Now, to permanently disable driver signature enforcement, input the following lines in the Command prompt window and press Enter after each one:
bcdedit.exe -set load options DISABLE_INTEGRITY_CHECKS
bcdedit.exe -set TESTSIGNING ON

Afterward, the system should be able to boot without any setbacks. You will find a Test Mode watermark at the bottom-right corner of your PC screen. This indicates that installing unsigned or unverified drivers is no longer restricted.

You’ll need to locate and remove the unsigned drivers that caused the “Invalid Signature Detected” error. Follow the steps below to achieve this:

  • Press the Windows key + R on your keyboard to open the Run dialog.
  • Type sigverif into the text box, click OK, or press Enter. This will open the File Signature Verification utility.
  • Click the start button.
  • A full-system scan will begin. All unsigned drivers that are installed on your computer will be detected.
  • Once the scan is complete, you’ll be presented with a list. Uninstall the problematic drivers through Device Manager and then install a signed, up-to-date version.

Method 6: Use Auslogics Driver Updater to get the latest drivers

After following the steps above to stop driver signature enforcement and identify unsigned drivers, you can use Auslogics Driver Updater to help you update to the latest, signed versions of those drivers. 

Here’s how: 

  • Note the faulty drivers that need updating after you disable Driver Signature Enforcement and discover unsigned drivers using the ‘File Signature Verification’ program.
  • To update the drivers on your Windows computer, install and launch Auslogics Driver Updater. This program will quickly and easily check for outdated drivers and prepare them for updates.
Use Auslogics Driver Updater to Get the Latest Drivers
  • Initiate a scan with Auslogics Driver Updater. The software will analyze and check for any incompatible or outdated drivers, including the ones you checked as unsigned.
Invalid Signature Detected” Error
  • When the scan is finished, Auslogics Driver Updater will provide a list of the drivers that are no longer up to date. It will also include the newest driver version and details about the device’s manufacturer.
  • Determine which drivers were at fault for the “Invalid Signature Detected” error that appeared during the scan. The software will display the drivers that need updates.
  • To update your drivers, check the boxes next to their names, and hit the “Update” button.
Update Your Drivers with Auslogics Driver Updater

No doubt, the tool offers a fool-proof service that protects you from experiencing such inconveniences as the “Secure Boot Violation: Invalid Signature Detected” error.

Use it today and kiss driver-related issues on your PC goodbye. Ensure your computer is in its best state at all times.

Download Auslogics Driver Updater
Prevent hardware errors and ensure problem-free device operation with this advanced tool that detects outdated drivers and safely gets them updated.

Related: Auslogics Driver Updater: Update Your Drivers in One Click!


Important: Enable the Driver Signature Enforcement Again

Remember that Driver Signature Enforcement is a critical security protocol. Without it, your system will be under serious safety threats (becoming vulnerable to virus and malware attacks via untrusted drivers). 

You, therefore, have to enable the feature once again. Follow these easy steps to get it done:

  • Press the Windows logo key + R on your keyboard to open the Run dialog.
  • Type CMD in the text box, press Enter. This will open the Command Prompt window.
  • Enter the following commands and press Enter after each one:
exe /set nointegritychecks off
bcdedit /set testsigning off
  • Close the window and reboot your computer.

By the time you’re reading this paragraph, it is expected that the issue that led you to this guide should be successfully resolved by the “Secure Boot Violation: Invalid Signature Detected” error. You can now use your computer without any more setbacks.

Conclusion

The “Invalid Signature Detected” error on a Windows computer can be frustrating but can be fixed. You can avoid taking your computer to a professional repair shop by following the steps outlined in this guide and fixing the problem.

Keep your software up-to-current, double-check the system date and time, and re-download any necessary files from reliable sources.

If the problem persists, it’s best to contact the software provider for help or newer versions of the program.

Furthermore, you can use Auslogics BoostSpeed 13 to ensure your computer runs smoothly.

It does this by removing unnecessary files, free up disk space, fixing invalid registry entries, and more. In all, it helps to boost your PC performance.

FAQ

The “Invalid Signature Detected” error means that the digital signature can’t be validated for files, documents, or programs on a Windows PC.

The signature was either not provided, has since expired, or been revoked, or doesn’t correspond to the requested signature, according to the error notice.

When a file’s signature is invalid, it raises red flags that it may have been tampered with or corrupted. The safety and dependability of the file or program depend on fixing this problem.

If you’re getting the “Invalid Signature Detected” message on a Windows computer, you can do a few things. First, you should try downloading the file again from a reliable source to ensure it wasn’t corrupted during the initial download.

You should also keep your OS and antivirus software up-to-date, as using an older version can cause signature verification problems. Also, Incorrect date and time settings might cause signature validation issues. Therefore it’s necessary to check and correct these.

If the error persists, you contact the software provider for assistance or new software versions.