Feel free to take the code and run it through Chat GPT, Gemini or any AI to verify the integrity of the code before running.
You might want to vibe code editing the code to work specifically with the PC models you will be working with.
Note: Use this code at your own risk.
As of 30 May 2026, I have run these scripts on a range of HP Enterprise PCs AIO Desktop PCs and Elitebooks.
Open the Powershell with elevated privileges (run as administrator)
Use the blue button on the right to copy the code below.
Paste and in the Powershell window, and then tape enter
This script is usefull for pulling indepth information and the status of your computer.
However, it would be certainly worth running the full certs check, after step two, or when troubleshooting.
Please review the Disclaimer Page & Explanation & user risk agreement before executing any scripts or utilising the code provided on this site.
Main menu contains scripts, disclaimers and documentation. Plus as a bonus, the code for embedded a copy text button into Google sites.
This PowerShell script is an interactive, menu-driven Hardware Integrity and Secure Boot Audit Tool tailored primarily for enterprise environments handling HP and non-HP device fleets. Its main objective is to evaluate whether a computer meets the security requirements for the Windows UEFI Secure Boot CA 2023 certificate update (a major security mitigation rolled out by Microsoft).
Upon launch, it enforces administrator privileges, builds an interactive console menu, and plays retro-style audio tones ([Console]::Beep) to signal user interactions. It checks critical modern hardware configurations like UEFI boot paths, Motherboard NVRAM capacity, Active Directory Group Policies (GPOs), BitLocker encryption states, and Trusted Platform Module (TPM) health.
If you are a user looking to navigate the tool without diving into the complex code, the script provides a safe text menu. By typing a number from 1 to 4 and pressing ENTER, you can trigger these basic actions:
1. Run System Audit Dashboard (Option 1)
What it does: Scans your computer's motherboard and operating system layout to see if it's securely built.
Simple indicator: It prints out a checklist. Green text means your system is safe/modern; Red text means you are running on outdated or vulnerable settings.
2. Get Suggested Next Actions (Option 2)
What it does: Acts like a virtual repair wizard. It tells you exactly what step to take next based on what Option 1 discovered.
Simple indicator: If your drive is encrypted or missing critical Windows updates, it will warn you here and tell you how to resolve it (e.g., "Open Windows Update on this PC").
3. Get System BIOS Cross-Reference (Option 3)
What it does: Reads your computer's model name (such as HP EliteBook 840 G5) and checks if the physical motherboard software (BIOS) is old or supported.
Simple indicator: It prints direct web links where you can look up your computer to download standard software updates.
4. Exit (Option 4)
What it does: Safely closes out the script. (Note: It runs an elaborate, simulated closing sequence with sound effects for a few seconds before completely shutting down).
To understand the core underlying technologies this script uses, you can refer to the official Microsoft documentation below:
Secure Boot 2023 Certificates: Learn about the specific database (db) updates this script checks for.
👉 Microsoft Support: Guidance for managing UEFI Secure Boot seals
Confirm-SecureBootUEFI: The official cmdlet used in the script to verify if Secure Boot is turned on.
👉 Microsoft Learn: Confirm-SecureBootUEFI Documentation
MBR2GPT Conversion: The tool suggested in Option 2 to upgrade legacy partition layouts to modern UEFI layouts.
👉 Microsoft Learn: MBR2GPT.exe Tool Guide
BitLocker Management: Documentation regarding protecting device drives before flashing firmware upgrades.
👉 Microsoft Learn: Manage-bde Protectors Control