From 051c19fd2bb2330599de831845ab845c241f9127 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 13 Feb 2023 10:28:15 -0500 Subject: [PATCH] restore images of boot process --- .../secure-the-windows-10-boot-process.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md index edec923f61..d51c47c56e 100644 --- a/windows/security/information-protection/secure-the-windows-10-boot-process.md +++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md @@ -91,13 +91,13 @@ To trust and boot operating systems, like Linux, and components signed by the UE 1. Open the firmware menu, either: - - Boot the PC, and press the manufacturer’s key to open the menus. Common keys used: Esc, Delete, F1, F2, F10, F11, or F12. On tablets, common buttons are Volume up or Volume down. During startup, there’s often a screen that mentions the key. If there’s not one, or if the screen goes by too fast to see it, check your manufacturer’s site. + - Boot the PC, and press the manufacturer's key to open the menus. Common keys used: Esc, Delete, F1, F2, F10, F11, or F12. On tablets, common buttons are Volume up or Volume down. During startup, there's often a screen that mentions the key. If there's not one, or if the screen goes by too fast to see it, check your manufacturer's site. - Or, if Windows is already installed, from either the Sign on screen or the Start menu, select Power ( ) > hold Shift while selecting Restart. Select Troubleshoot > Advanced options > UEFI Firmware settings. -2. From the firmware menu navigate to Security > Secure Boot and select the option to trust the “3rd Party CA”. +2. From the firmware menu navigate to Security > Secure Boot and select the option to trust the "3rd Party CA". -3. Save changes and exit. +3. Save changes and exit. Microsoft continues to collaborate with Linux and IHV ecosystem partners to design least privileged features to help you stay secure and opt-in trust for only the publishers and components you trust. @@ -132,6 +132,8 @@ Depending on the implementation and configuration, the server can now determine Figure 2 illustrates the Measured Boot and remote attestation process. + + ![Measured Boot and remote attestation process.](./images/dn168167.measure_boot(en-us,MSDN.10).png) *Figure 2. Measured Boot proves the PC's health to a remote server*