Secure Boot is a security standard that ensures that the computer does not boot using unreliable software. This can restrict and prevent different attacks on the system from malicious software and rootkits.
If you want to make an upgrade to Windows 11, you must first make sure that the device is Secure boot capable, although you do not need to enable it. But enabling it will add an extra layer of security to your device.
On Gigabyte devices that use UEFI firmware, you can enable the secure boot easily from the BIOS. However, you may need to disable the Compatibility Support Mode (CSM) as the Secure Boot cannot operate along with the Legacy BIOS.
Before You Begin
Check the Secure Boot Status
The secure boot might have been disabled to install some operating systems like Linux or older versions of Windows on some UEFI-enabled devices. On Windows, you can check if the secure boot is enabled/disabled from the System information.
Press Windows Key + R, type msinfo32, and hit enter. This will open the System Information window.
Under the System Summary, find Secure Boot State. If it is labeled as off, Secure Boot is disabled on the device.
Check for GPT partition
Secure boot is one of the features of the United Extensible Firmware Interface (UEFI) firmware. Unlike the traditional BIOS, UEFI does not boot from the disks with Master Boot Record (MBR) partition. The UEFI is only compatible with the disks using GUID Partition Table (GPT) partition style.
Therefore, you need to check if the disk on your device is a GPT disk before we go on to enable the secure boot.
Press Windows Key + X and open Disk Management.
Right-click on the Disk and select Properties.
Go to the Volumes tab.
In the Partition style field, check that it is GUID Partition Table (GPT).
If the partition style is Master Boot Record (MBR), here’s how to change it into GPT.
Note: Back up all the data that is in the MBR disk before you proceed with the conversion. All the contents of the disk including the partition or volumes in the disk will get deleted in the process.
Open Command Prompt with elevated privileges.
Enter diskpart and hit enter.
Now enter List disk. This command will give you the list of disk partitions on your computer. Note the volume which you are willing to convert.
Then, type select disk 0. The disk we are trying to convert here is disk 0. Replace it with the disk name you noted earlier.
Now, enter clean. This will delete all the partitions on the disk.
Finally, type convert gpt and press enter.
Check for UEFI Support
The Secure boot is a security feature for the UEFI firmware which you won’t find on the older legacy BIOS firmware. Therefore, the next thing you should do is check if the BIOS mode on your Windows device is set to UEFI.
Open Run, type msinfo32 , and hit enter to launch the System Information.
In the System summary, check the BIOS mode field. If UEFI is mentioned there, you can proceed with enabling the secure boot.
Enabling the Secure Boot
Once you have assured that the BIOS mode is set to UEFI, you can then boot into the BIOS and enable the Secure Boot.
Restart the computer and press the Del Key continuously during the initial boot-up. The system will then boot into the BIOS.
Go to the BIOS tab.
Go to Secure Boot and Select Enabled.
Finally, Save and exit from the BIOS.
When the computer boots into Windows, go to the System Information and again check the status of the Secure Boot.
On some Gigabyte devices, the section for the secure boot is hidden in the BIOS. To make the option available, you have to disable the Compatibility Support Mode (CSM). The CSM provides Legacy BIOS backward compatibility for the UEFI. Unless this mode is disabled, the UEFI won’t operate fully, and thus the secure boot cant is enabled.
To disable the CSM on Gigabyte devices,
- Boot into BIOS for your device.
- Go into the BIOS tab.
- Navigate to the CSM support and press enter.
- Select Disabled
And if you'd like to go a step further in supporting us, you can treat us to a virtual coffee ☕️. Thank you for your support ❤️!
We do not support or promote any form of piracy, copyright infringement, or illegal use of software, video content, or digital resources.
Any mention of third-party sites, tools, or platforms is purely for informational purposes. It is the responsibility of each reader to comply with the laws in their country, as well as the terms of use of the services mentioned.
We strongly encourage the use of legal, open-source, or official solutions in a responsible manner.
following the instructions disabled all output to my monitors, turning off csm then turning on secure boot has effectively bricked my PC
It sounds like your PC is not actually bricked in the sense of permanent hardware damage — but turning off CSM and enabling Secure Boot likely made your system unable to initialize your graphics output because your GPU (or monitor connection) isn’t fully UEFI-compatible in the current configuration.
This is a fairly common issue with some Gigabyte boards and certain GPUs, especially if:
You’re using an older graphics card without full UEFI GOP (Graphics Output Protocol) support.
You’re connected via DisplayPort or certain HDMI ports that only get initialized with legacy BIOS settings.
The BIOS is now trying to start purely in UEFI mode, but your GPU firmware or display chain isn’t ready for that.
How to Fix It
We basically need to reset the BIOS so that CSM is re-enabled (and possibly Secure Boot disabled again).
1. Power Down & Clear CMOS
This will reset your motherboard BIOS settings to default.
Turn off your PC completely and unplug it from the wall.
Locate the CMOS battery (a small coin-cell battery on the motherboard).
Remove the battery for about 5 minutes (press the power button once while unplugged to discharge any residual power).
Reinsert the battery.
Alternatively, use the CLR_CMOS jumper on your Gigabyte board (check your manual — usually short the two pins for a few seconds with the PC unplugged).
When you reboot, the motherboard should return to CSM enabled and Secure Boot disabled.
2. If No Display After CMOS Reset
If clearing CMOS still doesn’t show a display:
Try plugging your monitor into the motherboard’s integrated GPU (if your CPU has one).
Boot and then change the BIOS back to allow your dedicated GPU to initialize in Legacy/UEFI hybrid mode.
3. Once You’re Back in BIOS
If you still want Secure Boot:
Make sure your GPU supports UEFI GOP (many pre-2014 GPUs don’t).
Ensure Windows is installed in UEFI + GPT mode.
Re-enable Secure Boot only after confirming the system boots in UEFI mode without CSM.
Important: If your GPU is not UEFI-compatible, Secure Boot without CSM will always break display output. You’d need to keep CSM enabled or upgrade the GPU.