UEFI BIOS update - is it worth it?

devoidzer0

Junior Member
Feb 21, 2013
2
0
0
I just noticed that there is an update for my PC's BIOS that adds UEFI support. I'm debating whether or not to flash it. I know that UEFI is supposed to improve bootup times, however I don't have an SSD on this system, so not sure whether I'd really benefit.

Also, I just did a clean install of Windows 8. If I update the BIOS would I have to format my OS hard drive a special way and reinstall Win8 for it to be recognized as UEFI? And if I didn't, would it kill my ability to boot into Windows?

FWIW, the system is a Gateway FX6860 that is pretty much stock except I upgraded the video card to a GTX 570.

http://www.amazon.com/gp/product/B00...?ie=UTF8&psc=1
 

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
UEFI has some benefits, some of them security-related. If you did the update for that reason, you'd want to set up the BIOS to boot UEFI only, enable the Secure Boot option if it's present in the UEFI BIOS, then reinstall Windows in order to take advantage of the benefits.

For a real-world example, the current versions of the extremely difficult-to-remove TDSS / TDL4 bootkit malware will not work if the system boots from UEFI, and the Secure Boot option will make it spectacularly harder yet for them to overcome that hurdle in the future. But you'll need to reinstall Windows to pull it off. In fact, I just went through that myself, and wrote up a thread on it here: http://forums.anandtech.com/showthread.php?t=2303403

Key steps: enable the Secure Boot option if available, and set the BIOS to boot only from UEFI, not Legacy.

Welcome to the Forums, hope that helps :)
 

devoidzer0

Junior Member
Feb 21, 2013
2
0
0
UEFI has some benefits, some of them security-related. If you did the update for that reason, you'd want to set up the BIOS to boot UEFI only, enable the Secure Boot option if it's present in the UEFI BIOS, then reinstall Windows in order to take advantage of the benefits.

For a real-world example, the current versions of the extremely difficult-to-remove TDSS / TDL4 bootkit malware will not work if the system boots from UEFI, and the Secure Boot option will make it spectacularly harder yet for them to overcome that hurdle in the future. But you'll need to reinstall Windows to pull it off. In fact, I just went through that myself, and wrote up a thread on it here: http://forums.anandtech.com/showthread.php?t=2303403

Key steps: enable the Secure Boot option if available, and set the BIOS to boot only from UEFI, not Legacy.

Welcome to the Forums, hope that helps :)

Thanks for the info. I'm actually not all that concerned about malware as I keep my antivirus up to date and I'm pretty careful about which sites I visit. If I do decide to update the BIOS without using UEFI right now, it won't affect my ability to boot into Windows, right?
 

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
Thanks for the info. I'm actually not all that concerned about malware as I keep my antivirus up to date and I'm pretty careful about which sites I visit. If I do decide to update the BIOS without using UEFI right now, it won't affect my ability to boot into Windows, right?

I believe it would only affect your bootability if you also toggled Secure Boot on, or restricted the boot procedure to UEFI-bootable devices *only*.

On the topic of security, antivirus isn't actually a good defense, and while it's not a bad idea to avoid obviously risky sites, the fact is that over 80% of the malicious websites at any given time are normally safe, legit sites that have been compromised. Yesterday it was NBC.com's turn. Earlier this week it was discovered that the Los Angeles Times' website had been hitting people with exploit kits for six weeks running. And on and on. The link in my signature has some practical defense tips if anyone's interested in taking their defenses up a few notches.
 

VirtualLarry

No Lifer
Aug 25, 2001
56,570
10,195
126
Of course, UEFI "Secure Boot" only seems to work with Windows 8, and some of us prefer Windows 7.

If the UEFI actually allowed the user to manage the root certs, etc., stored in the UEFI to manage the Secure Boot feature, then it might be a bit more flexible, but as of now, as far as I know, it's Windows 8 only once you enable the feature.
 

gandya

Member
Feb 25, 2013
34
0
0
Of course, UEFI "Secure Boot" only seems to work with Windows 8, and some of us prefer Windows 7.

If the UEFI actually allowed the user to manage the root certs, etc., stored in the UEFI to manage the Secure Boot feature, then it might be a bit more flexible, but as of now, as far as I know, it's Windows 8 only once you enable the feature.

wrong, as I posted before, is possible(even without formatting HD).