• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Join the HP Community Solve‑a‑thon | Help Others & Share Your Solutions | Live on Zoom | 2:30 PM to 2:30 AM IST | Every Wednesday Click here to know more

‎05-05-2026 08:24 AM

HP Recommended

Hello everyone,

I’m looking for help with a Secure Boot issue on my HP Pavilion Desktop after a BIOS update.

Device information:
Product name: HP Pavilion Desktop PC 595-p0000a / 595-p0xxx
Product number / SKU: 4JX08EA#ABD
BaseBoard / SSID: 843B
BIOS version: AMI F.51 / F.51 Rev.A
OS: Windows 11 Home
BIOS mode: UEFI
TPM: Ready / working
Internal SSD: WDC PC SN520 SDAPNUW-256G-1006

Problem:
After updating the BIOS to F.51 Rev.A, Secure Boot no longer works. When Secure Boot is enabled, the PC stops during boot with the red error message:

“Secure Boot Violation – Invalid signature detected. Check Secure Boot Policy in Setup.”

If I disable Secure Boot, Windows 11 starts normally. Legacy Support is disabled.

What I already tried:
Loaded BIOS defaults / “Apply Defaults and Exit”
Confirmed UEFI boot mode and disabled Legacy Support
Confirmed that Windows Boot Manager is present and selected
Checked TPM with tpm.msc → TPM is ready
Ran sfc /scannow and DISM /Online /Cleanup-Image /RestoreHealth
Rebuilt EFI boot files with bcdboot
Checked firmware boot entries with bcdedit /enum firmware
Cleared/reset Secure Boot keys in BIOS
Performed HP BIOS Recovery using Windows + B
Removed all external drives/USB installation media
Tried the Microsoft Secure Boot certificate update process, but the registry status remains stuck at:

UEFICA2023Status = InProgress
UEFICA2023Error = 0x0
WindowsUEFICA2023Capable = 0x0

I also found a similar case involving HP Pavilion 590-p0050, BIOS F.51, and SSID 843B, where Event ID 1801 / TPM-WMI mentioned updated Secure Boot certificates not yet applied to the firmware.

Question:
Is this a known issue with BIOS F.51 Rev.A / SSID 843B and Secure Boot under Windows 11?
Is there an official HP fix, Secure Boot key recovery method, BIOS re-flash procedure, or safe downgrade path for this BIOS family?

I would prefer not to reinstall Windows unless it is absolutely necessary, because the system works normally with Secure Boot disabled.

Thanks in advance for any help.

Reply
1 ACCEPTED SOLUTION

Accepted Solutions

‎05-07-2026 02:47 AM

HP Recommended

Hi @Ya05ick 

 

Welcome to the HP Support Community! We're here to help you get back up and running.

 

Thank you for sharing the detailed information about your HP Pavilion Desktop and the Secure Boot Violation message after updating to BIOS F.51 Rev.A. The system is functioning with Secure Boot disabled, which confirms that the hardware and operating system remain intact. 

 

To restore Secure Boot functionality, please follow the recommended steps below:

 

Step 1: Access BIOS Setup

  • Power on the computer and immediately press F10 repeatedly until the BIOS Setup screen opens.
  • Navigate to Security > Secure Boot Configuration.

 

Step 2: Restore Factory Keys

  • In the Secure Boot Configuration menu, select Restore Factory Keys.
  • Save changes and exit BIOS.
  • Restart the computer to check if the error clears.

 

Step 3: Verify Boot Mode and Boot Manager

  • Ensure UEFI Boot Mode is enabled and Legacy Support is disabled.
  • Confirm that Windows Boot Manager is listed first in the boot order.

 

Step 4: Update BIOS

 

Step 5: Perform BIOS Recovery if Needed

  • If the issue persists, create a BIOS recovery USB using HP’s official tool:
    HP PCs – Recovering the BIOS
  • Use this recovery drive to restore the BIOS to a working state.

 

Step 6: Apply Microsoft Secure Boot Update

  • Ensure Windows Update is fully applied, including the Secure Boot UEFI CA 2023 update.
  • Restart the system after updates and re‑enable Secure Boot in BIOS.

 

By following these steps, Secure Boot can be restored while keeping the system protected. Disabling Secure Boot allows normal operation, but restoring factory keys and updating BIOS usually resolves the violation error while maintaining security.

 

 

Take care, and have an amazing day!

 

Regards, 

Hawks_Eye

I'm an HP Employee.


If this reply helped resolve your issue, please select the Accept as Solution as it helps others in the community quickly find the answer they’re looking for.


And if you found this reply helpful, clicking Yes below is a great way to let us know we’re providing the support you need, as it encourages us to keep improving and sharing helpful guidance.

View solution in original post

Reply
1 person found this reply helpful
Was this reply helpful? Yes No
1 REPLY 1

‎05-07-2026 02:47 AM

HP Recommended

Hi @Ya05ick 

 

Welcome to the HP Support Community! We're here to help you get back up and running.

 

Thank you for sharing the detailed information about your HP Pavilion Desktop and the Secure Boot Violation message after updating to BIOS F.51 Rev.A. The system is functioning with Secure Boot disabled, which confirms that the hardware and operating system remain intact. 

 

To restore Secure Boot functionality, please follow the recommended steps below:

 

Step 1: Access BIOS Setup

  • Power on the computer and immediately press F10 repeatedly until the BIOS Setup screen opens.
  • Navigate to Security > Secure Boot Configuration.

 

Step 2: Restore Factory Keys

  • In the Secure Boot Configuration menu, select Restore Factory Keys.
  • Save changes and exit BIOS.
  • Restart the computer to check if the error clears.

 

Step 3: Verify Boot Mode and Boot Manager

  • Ensure UEFI Boot Mode is enabled and Legacy Support is disabled.
  • Confirm that Windows Boot Manager is listed first in the boot order.

 

Step 4: Update BIOS

 

Step 5: Perform BIOS Recovery if Needed

  • If the issue persists, create a BIOS recovery USB using HP’s official tool:
    HP PCs – Recovering the BIOS
  • Use this recovery drive to restore the BIOS to a working state.

 

Step 6: Apply Microsoft Secure Boot Update

  • Ensure Windows Update is fully applied, including the Secure Boot UEFI CA 2023 update.
  • Restart the system after updates and re‑enable Secure Boot in BIOS.

 

By following these steps, Secure Boot can be restored while keeping the system protected. Disabling Secure Boot allows normal operation, but restoring factory keys and updating BIOS usually resolves the violation error while maintaining security.

 

 

Take care, and have an amazing day!

 

Regards, 

Hawks_Eye

I'm an HP Employee.


If this reply helped resolve your issue, please select the Accept as Solution as it helps others in the community quickly find the answer they’re looking for.


And if you found this reply helpful, clicking Yes below is a great way to let us know we’re providing the support you need, as it encourages us to keep improving and sharing helpful guidance.

Reply
1 person found this reply helpful
Was this reply helpful? Yes No
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.