Skip to content

Confirm-SecureBootUEFI: Document missing info on error "Variable is currently undefined: 0xC0000100" when Secure Boot is disabled #4034

New issue
New issue
Open
Open
Confirm-SecureBootUEFI: Document missing info on error "Variable is currently undefined: 0xC0000100" when Secure Boot is disabled#4034
Labels
issue-doc-bugSomething is out of date, unclear, confusing, or broken in the article. Blocks customer success.needs-triageWaiting - Needs triage
@Whisley-Wang

Description

@Whisley-Wang
Whisley-Wang
opened on Jul 25, 2025

Prerequisites

  • Existing Issue: Search the existing issues for this repository. If there is an issue that fits your needs do not file a new one. Subscribe, react, or comment on that issue instead.
  • Descriptive Title: Write the title for this issue as a short synopsis. If possible, provide context. For example, "Typo in Get-Foo cmdlet" instead of "Typo."
  • Verify Version: If there is a mismatch between documentation and the behavior on your system, ensure that the version you are using is the same as the documentation. Check this box if they match or the issue you are reporting is not version specific.

Links

Summary

When running Confirm-SecureBootUEFI on a physical machine with Secure Boot manually disabled (UEFI system, not a VM, running PowerShell as Administrator), the following error is shown:

Exception getting Secure Boot information:
Powershell error: Confirm-SecureBootUEFI : Variable is currently undefined: 0xC0000100
At line:1 char:1

  • Confirm-SecureBootUEFI
  •   + CategoryInfo          : ResourceUnavailable: (Microsoft.Secur...BootUefiCommand:ConfirmSecureBootUefiCommand) [C 
 onfirm-SecureBootUEFI], StatusException
  + FullyQualifiedErrorId : GetFWVarFailed,Microsoft.SecureBoot.Commands.ConfirmSecureBootUefiCommand

Details

The current official documentation does not mention this error or what it means. After investigation, it appears that some UEFI firmware implementations remove Secure Boot variables entirely when Secure Boot is disabled, causing this error to appear instead of simply returning $False.

Suggested Fix

Please update the documentation for Confirm-SecureBootUEFI to explain that this error may occur when Secure Boot is disabled, depending on the UEFI firmware, and that it does not necessarily indicate a problem with PowerShell or Windows.

Metadata

Metadata

Assignees

No one assigned

    Labels

    issue-doc-bugSomething is out of date, unclear, confusing, or broken in the article. Blocks customer success.needs-triageWaiting - Needs triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions