If you’re buying a new PC, you’ll see systems described as boasting a UEFI BIOS. If you’re building a computer from scratch you may notice that some motherboards feature a UEFI BIOS, while older models lack it. But what does UEFI mean, and is it worth paying extra for it?
Why BIOS needs replacing
Anyone who has used a PC will be at least vaguely familiar with the BIOS – the Basic Input/Output System that’s stored in your PC’s firmware, and which kicks in as soon as you turn on your PC. Before the operating system loads, it’s the BIOS that handles the fundamental business of enumerating which hardware is installed, and applying basic settings such as CPU frequencies and RAM timings. By accessing the BIOS’ built-in menu, you can adjust various controls to (for example) make components run at different speeds, or configure your PC to boot from a different disk.
Broadly speaking, the role of the PC BIOS hasn’t changed in more than 20 years, and for most of that time it’s done a satisfactory job. But as PC technology has advanced, more features requiring BIOS support have appeared, such as remote security management, temperature and power monitoring, and processor extensions such as virtualisation and Turbo Boost.
The BIOS was never designed to be extended ad infinitum in this way. At heart, it’s a 16-bit system, with very limited integration with the hardware and operating system, and it can access a maximum of only 1MB of memory. It’s becoming increasingly difficult to accommodate everything we expect from a modern computer within the old BIOS framework. A new approach is needed.
The UEFI approach
Enter UEFI, the Unified Extensible Firmware Interface. UEFI is a much more sophisticated approach to low-level system management. You can think of it as a miniature operating system that sits on top of the motherboard’s firmware, rather than being squeezed inside it like a PC BIOS. It’s therefore debatable whether or not it’s really meaningful to talk about a “UEFI BIOS” (see What’s in a name?, below).
This means that UEFI can be just as powerful as a “real” OS. It can access all the memory installed in a system, and make use of its own little disk storage space – a sequestered area of onboard flash storage or hard disk space called the EFI System Partition. New modules can be easily added (hence “Extensible”); this includes device drivers for motherboard components and external peripherals, so user options can be presented in an attractive graphical front-end, controlled with the mouse. On touchscreen hardware, it’s possible to change system settings by swiping and tapping. It’s all a far cry from the clunky blue configuration screen of most BIOS implementations.
Since UEFI is a software environment, its high-level functions aren’t tied to any particular platform: UEFI works on ARM devices as well as regular PC hardware, and there’s no reason it can’t be compiled for any other architecture that may come along.
Who created UEFI?
UEFI has been under development for a lot longer than you may realise. Chip giant Intel first started work on a replacement for the classic PC BIOS back in 1998, to partner its nascent Itanium platform. In 2002, its fruits were formalised as the Extensible Firmware Interface (EFI).
Intel hasn’t kept the standard to itself. Since 2005, the system has been managed and developed by a cross-industry working group, including not only Intel but also AMD, Apple, Dell, Lenovo and Microsoft. The organisation is called the Unified EFI Forum – hence the addition of the “U” to UEFI.
You might wonder why UEFI didn’t catch on sooner. In fact, the system in its various versions has been quietly gaining momentum for a long time. In 2006, Apple switched all new Macintosh hardware from PowerPC processors over to the Intel platform, and chose the original EFI for its pre-boot firmware, a system it uses to this day. Some Windows laptops have also started using UEFI in the past few years, in order to provide friendlier and more flexible pre-boot environments. This hasn’t attracted much attention, for the simple reason that it makes no visible difference to most end users. And in the cut-throat desktop market, PC motherboards have tended to stick with traditional BIOS rather than invest in the more sophisticated UEFI. Until now, that is.
UEFI and Windows 8
Historically, Windows hasn’t got along well with UEFI hardware. In fact, back in 2006, when enthusiasts tried installing Windows XP on the first Intel-based iMacs, they were stymied precisely because Windows XP – the current version at that time – has no ability to boot on an EFI system. The situation was resolved only when Apple issued a firmware update allowing Mac hardware to emulate a traditional BIOS (along with a driver pack enabling Apple’s hardware to work in Windows). This shows the power of UEFI’s open-ended design.
Windows Vista and 7 didn’t fully support UEFI either, but there were good reasons for this. A 32-bit operating system can boot only from 32-bit UEFI firmware, while a 64-bit OS requires 64-bit firmware. When Microsoft introduced Windows Vista in both 32- and 64-bit flavours, nobody wanted to tell users they’d have to reprogram their motherboards to match their Windows edition – and motherboard manufacturers didn’t want to support two parallel versions of their UEFI firmware anyway. So Microsoft settled on a compromise: UEFI was supported natively by 64-bit editions of Vista, and latterly Windows 7, while 32-bit editions continued to require a BIOS, either real or emulated.
In Windows 8, the situation has changed, and Microsoft has wholeheartedly embraced UEFI. Its certification standards require that all new desktops, laptops and tablets sold with Windows 8, and bearing the Windows 8 sticker, must use a UEFI BIOS. You can still upgrade an older non-UEFI system to Windows 8, however – you’ll simply miss out on a handful of useful features, as we’ll describe below.
We’ve mentioned that UEFI lets motherboard manufacturers provide a friendly graphical interface to system settings, and that may be reason enough to switch. Once you’ve used a handy dropdown menu to configure your hard disks and tweak the frequency settings on your CPU, the old business of moving back and forth with the cursor keys feels quite primitive.
However, UEFI provides more far-reaching benefits, too. A major one is the ability to work better with modern hard disks. The original PC BIOS system was designed to work with the Master Boot Record (MBR) partitioning system, which only supports disks of up to 2TB, and no more than four partitions per disk. This may have seemed like plenty of headroom back when the system was introduced in 1983, but today it feels restrictive.
UEFI brings full support for the newer GUID Partition Table (GPT) partitioning scheme. This system can accommodate up to 128 partitions per disk, with a total capacity of 8ZB – equivalent to eight billion terabytes. Some modern BIOS implementations can handle GPT disks, but with limitations: many are unable to boot from very large disks, limiting the usefulness of the latest 3TB drives.
UEFI also allows a generally closer degree of integration between the operating system and the pre-boot environment – something Windows 8 takes advantage of in its Advanced Startup Options. If you’re using a UEFI system, you can select a device to boot from directly within the Windows 8 interface. (This option also appears if Windows 8 fails to start up properly, and takes you to the Troubleshooting screen.) If you’re using non-UEFI hardware, this option won’t be available: to boot from a device other than the default, you’ll have to jump in when the computer restarts and configure your BIOS directly.
Secure Boot
The most significant UEFI feature related to Windows 8 is Secure Boot – a system that ensures only authorised operating systems can start up on your PC. It works by reading a cryptographic signature embedded in the OS bootloader and verifying it against a database of authorised keys stored within the UEFI firmware. When you buy a new Windows 8 PC, laptop or tablet, the relevant key is preinstalled by the manufacturer, so you won’t even know Secure Boot is active. However, if you try to start a different operating system, the UEFI platform will refuse to boot.
This may not sound like a good thing. Indeed, when it was first announced that all new Windows 8 hardware would come with Secure Boot enabled, there was uproar among the technorati. Microsoft was accused of shutting out competing operating systems such as Ubuntu Linux, and of limiting customers’ ability to run whatever software they wanted on their PCs.
However, Secure Boot brings real benefits, as we’ll discuss below. And on regular Windows 8 laptop or desktop systems it doesn’t stop you from doing anything. Although it’s enabled on all new Windows 8 systems, you can always go into the UEFI settings and turn it off with a click. Once this is done, you can boot whichever operating system you like. If you’re upgrading older hardware to Windows 8 then it’s likely that Secure Boot won’t even be an issue, as it requires the latest version of UEFI to function.
You can also leave Secure Boot enabled and manually authorise other operating systems’ bootloaders, in addition to the Windows 8 one. For example, you might add a key for Ubuntu to the Secure Boot database, enabling both Windows 8 and Ubuntu to start, while continuing to disallow other, unknown operating systems. The precise process for generating a Secure Boot key should be detailed in the manual for your motherboard or laptop, or in the installation instructions for the operating system.
What’s more, Microsoft has agreed to allow other recognised operating system publishers to use the same bootloader key as Windows 8 (for a fee). Fedora Linux has already done this, so you can install and boot Fedora on a Windows 8 system with no additional configuration required.
The advantages of Secure Boot
Not only is Secure Boot not harmful, it can be greatly beneficial, both at home and at work. For businesses, it can help to enforce security policies. If users are able to plug in their own hard disks and boot into unauthorised operating systems, they could bypass restrictions on which software can be run, what sort of network access is permitted and so forth. If the IT department uses Secure Boot – and a password protects the UEFI settings, to prevent them from being tampered with – the potential for data leaks is greatly reduced.
For home users, Secure Boot can protect your security in a different way. Here, the major risk isn’t from corporate spies, but from malware. Secure Boot protects your system against rootkit-type infections that infect the bootloader and effectively make themselves hypervisors for the operating system. If unrecognised startup code can’t be executed, infections like this are stopped in their tracks.
Before we go overboard singing the praises of Secure Boot, there’s one catch we must point out. We mentioned above that Secure Boot could be disabled on x86 hardware. However, if you buy an ARM-based Windows RT device, you won’t be able to disable Secure Boot: on this platform, the feature is permanently locked on, and all third-party bootloaders are strictly banned. You can see why Microsoft insists on this: it ensures that consumer tablets provide a completely seamless and consistent experience, with no possibility of malware or confusing multiple environments. However, it’s bad news for anyone hoping to install Android or Linux on Windows tablet hardware.
What’s in a name?
The rise of UEFI raises questions about terminology. As we’ve noted, the term “UEFI BIOS” is arguably misleading, since the UEFI system completely replaces the classic PC BIOS.
However, the combination of UEFI and the underpinning firmware does constitute a “basic input and output system”, albeit not of the specific sort that’s typically referred to by the term “BIOS”. Alternatively, you might take the view that the firmware itself is a BIOS, and the UEFI is merely a shell that sits on top of it. Either way, the use of the term BIOS isn’t exactly wrong, and as long as the term UEFI is present as well, the meaning should be clear.
Another question is how to pronounce UEFI. Although the Unified EFI Forum has published voluminous standards material, it hasn’t provided any official guidance on this burning issue. Here at PC Pro we tend to say “weffy”, but Microsoft internally spells the term out as “U-E-F-I”. Another possibility is “you-fee”, or perhaps, for football fans, “you-eh-fee”. Whichever pronunciation you choose, get used to defending it: if the ongoing lack of consensus on “SATA” is any guide, pronunciation arguments over UEFI will probably be with us for at least as long as the technology itself.
Related Posts
How to Access the BIOS in
How To Fix a Hard Drive or SSD Not Showing Up in BIOS
Chrome Hardware Acceleration Explained
How The Valorant Ranking System Works – Rankings Explained
How to Cancel Netflix: Stop Your Netflix Subscription on iPhone, iPad, Android, and Online
How to Block Channels on YouTube
How To Insert a Checkbox Into Microsoft Word
How To Change the Duration of All Photos in a Slideshow Video in iMovie
How to Like All Songs in a Spotify Playlist
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
