From 5a162b5aba7a49d06a67cbdcfe904b9c4cd5ce02 Mon Sep 17 00:00:00 2001 From: SochiOgbuanya <152557870+SochiOgbuanya@users.noreply.github.com> Date: Wed, 1 Apr 2026 18:32:01 -0700 Subject: [PATCH 1/6] Add documentation for Get-SecureBootSVN cmdlet Added documentation for the Get-SecureBootSVN cmdlet, including its synopsis, syntax, examples, parameters, outputs, and related links. --- .../SecureBoot/Get-SecureBootSVN.md | 118 ++++++++++++++++++ 1 file changed, 118 insertions(+) create mode 100644 docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md diff --git a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md new file mode 100644 index 0000000000..51324bd687 --- /dev/null +++ b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md @@ -0,0 +1,118 @@ +--- +description: Use this topic to help manage Windows and Windows Server technologies with Windows PowerShell. +external help file: Microsoft.SecureBoot.Commands.dll-Help.xml +Module Name: SecureBoot +ms.date: 04/01/2026 +online version: https://learn.microsoft.com/powershell/module/secureboot/get-securebootsvn?view=windowsserver2022-ps&wt.mc_id=ps-gethelp +title: Get-SecureBootSVN +--- + +# Get-SecureBootSVN + +## SYNOPSIS +Gets Secure Boot Security Version Number (SVN) information and compliance status for the system firmware and boot manager. + +## SYNTAX + +### YAML +``` +Get-SecureBootSVN +[-BootManagerPath ] +[] +``` + + +## DESCRIPTION +The **Get-SecureBootSVN** cmdlet retrieves Secure Boot Security Version Number (SVN) information from the system’s UEFI firmware and the currently installed or specified boot manager. +It evaluates whether the system is compliant with the firmware’s Secure Boot policy. The cmdlet must be run from an elevated PowerShell session on a UEFI-based system with Secure Boot enabled. + +## EXAMPLES + +### Example 1: Get current Secure Boot SVN compliance status + +### YAML +``` +Get-SecureBootSVN +``` + +This command retrieves the firmware’s required SVN, the current boot manager’s SVN, any staged (pending) SVN updates, and evaluates whether the system is compliant. + +### Example 2: Check SVN compliance for a specific boot manager file + +### YAML +``` +Get-SecureBootSVN -BootManagerPath "D:\Recovery\bootmgfw.efi" +``` + +This command checks the SVN of the specified boot manager file and compares it against the system’s firmware and staged SVN requirements. + +## PARAMETERS + +### -BootManagerPath +Specifies the full path to a boot manager `.EFI` file to evaluate. +The cmdlet reads the SVN from the specified file and compares it to the system’s firmware and staged SVN values. + +```yaml +Type: String +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +Parameter Sets: (All) + +Position: Named +Mandatory: False +Value from pipeline: False +Value from pipeline by property name: False +Value from remaining arguments: False +``` + +## Outputs +This cmdlet returns a SecureBootSVNInfo object with the following properties: + +- **FirmwareSVN – The current SVN requirement enforced by the UEFI firmware.** +- **BootManagerSVN – The SVN of the currently installed or specified boot manager.** +- **StagedSVN – The SVN of any pending Secure Boot update installed on the system and not yet applied to the firmware.** +- **ComplianceStatus – Indicates whether the boot manager meets the firmware’s SVN requirement.** +- **BootManagerPath – (Optional) The path to the boot manager file tested, if specified.** + +## Notes + +- This cmdlet is read-only and does not modify any firmware or system settings. +- On systems without Secure Boot or UEFI support, the cmdlet returns an error or empty output. +- The cmdlet must be run from an elevated PowerShell session. + +## Related Links + +[Confirm-SecureBootUEFI](./Confirm-SecureBootUEFI.md) + +[Format-SecureBootUEFI](./Format-SecureBootUEFI.md) + +[Get-SecureBootPolicy](./Get-SecureBootPolicy.md) + +[Get-SecureBootUEFI](./Get-SecureBootUEFI.md) + +[Monitoring Secure Boot certificate status with Microsoft Intune remediations](https://support.microsoft.com/en-us/topic/monitoring-secure-boot-certificate-status-with-microsoft-intune-remediations-6696a27b-fa09-4570-b112-124965adc87f) + +[Secure Boot Certificate Updates for Azure Virtual Desktop](https://support.microsoft.com/en-us/topic/secure-boot-certificate-updates-for-azure-virtual-desktop-06a8a1bc-2510-4ead-9bea-3698e1d6b1db) + + + + + + + + + + + + + + + + + + + + + + From 28899aaedf61ed5f8060fddcd5daf2b8a7a82673 Mon Sep 17 00:00:00 2001 From: SochiOgbuanya <152557870+SochiOgbuanya@users.noreply.github.com> Date: Wed, 1 Apr 2026 18:36:46 -0700 Subject: [PATCH 2/6] Revise description for Get-SecureBootSVN Updated the description to specify retrieval of Secure Boot Security Version Number (SVN) data for compliance assessment. --- .../SecureBoot/Get-SecureBootSVN.md | 23 +------------------ 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md index 51324bd687..9de9d48716 100644 --- a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md +++ b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md @@ -1,5 +1,5 @@ --- -description: Use this topic to help manage Windows and Windows Server technologies with Windows PowerShell. +description: Use this topic to retrieve Secure Boot Security Version Number (SVN) data from UEFI firmware and the boot manager to assess compliance with Secure Boot policies on a system. external help file: Microsoft.SecureBoot.Commands.dll-Help.xml Module Name: SecureBoot ms.date: 04/01/2026 @@ -95,24 +95,3 @@ This cmdlet returns a SecureBootSVNInfo object with the following properties: [Secure Boot Certificate Updates for Azure Virtual Desktop](https://support.microsoft.com/en-us/topic/secure-boot-certificate-updates-for-azure-virtual-desktop-06a8a1bc-2510-4ead-9bea-3698e1d6b1db) - - - - - - - - - - - - - - - - - - - - - From 0a05aa93f75b27a8eebf40917d0a316360dc74e4 Mon Sep 17 00:00:00 2001 From: SochiOgbuanya <152557870+SochiOgbuanya@users.noreply.github.com> Date: Mon, 18 May 2026 12:38:09 -0700 Subject: [PATCH 3/6] Update docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md Co-authored-by: Sean Wheeler --- docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md index 9de9d48716..37fbe0363e 100644 --- a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md +++ b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md @@ -40,7 +40,7 @@ This command retrieves the firmware’s required SVN, the current boot manager ### Example 2: Check SVN compliance for a specific boot manager file ### YAML -``` +```powershell Get-SecureBootSVN -BootManagerPath "D:\Recovery\bootmgfw.efi" ``` From 4b5e9f2b6cc843c074997b0cccecc750173409cc Mon Sep 17 00:00:00 2001 From: SochiOgbuanya <152557870+SochiOgbuanya@users.noreply.github.com> Date: Mon, 18 May 2026 12:38:18 -0700 Subject: [PATCH 4/6] Update docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md Co-authored-by: Sean Wheeler --- docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md index 37fbe0363e..14704d0b41 100644 --- a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md +++ b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md @@ -14,12 +14,6 @@ Gets Secure Boot Security Version Number (SVN) information and compliance status ## SYNTAX -### YAML -``` -Get-SecureBootSVN -[-BootManagerPath ] -[] -``` ## DESCRIPTION From 8ed43dea8ff1b294174e279d755dd796ad4232dc Mon Sep 17 00:00:00 2001 From: SochiOgbuanya <152557870+SochiOgbuanya@users.noreply.github.com> Date: Mon, 18 May 2026 12:58:22 -0700 Subject: [PATCH 5/6] Fix markdown formatting in Get-SecureBootSVN.md --- docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md index 14704d0b41..f6fc679de3 100644 --- a/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md +++ b/docset/winserver2022-ps/SecureBoot/Get-SecureBootSVN.md @@ -60,7 +60,7 @@ Value from pipeline by property name: False Value from remaining arguments: False ``` -## Outputs +## OUTPUTS This cmdlet returns a SecureBootSVNInfo object with the following properties: - **FirmwareSVN – The current SVN requirement enforced by the UEFI firmware.** @@ -69,7 +69,7 @@ This cmdlet returns a SecureBootSVNInfo object with the following properties: - **ComplianceStatus – Indicates whether the boot manager meets the firmware’s SVN requirement.** - **BootManagerPath – (Optional) The path to the boot manager file tested, if specified.** -## Notes +## NOTES - This cmdlet is read-only and does not modify any firmware or system settings. - On systems without Secure Boot or UEFI support, the cmdlet returns an error or empty output. @@ -85,7 +85,7 @@ This cmdlet returns a SecureBootSVNInfo object with the following properties: [Get-SecureBootUEFI](./Get-SecureBootUEFI.md) -[Monitoring Secure Boot certificate status with Microsoft Intune remediations](https://support.microsoft.com/en-us/topic/monitoring-secure-boot-certificate-status-with-microsoft-intune-remediations-6696a27b-fa09-4570-b112-124965adc87f) +[Monitoring Secure Boot certificate status with Microsoft Intune remediations](https://support.microsoft.com/topic/monitoring-secure-boot-certificate-status-with-microsoft-intune-remediations-6696a27b-fa09-4570-b112-124965adc87f) -[Secure Boot Certificate Updates for Azure Virtual Desktop](https://support.microsoft.com/en-us/topic/secure-boot-certificate-updates-for-azure-virtual-desktop-06a8a1bc-2510-4ead-9bea-3698e1d6b1db) +[Secure Boot Certificate Updates for Azure Virtual Desktop](https://support.microsoft.com/topic/secure-boot-certificate-updates-for-azure-virtual-desktop-06a8a1bc-2510-4ead-9bea-3698e1d6b1db) From 42a105cfef38e4a97d0a21cd49bf5c09fc966d78 Mon Sep 17 00:00:00 2001 From: SochiOgbuanya <152557870+SochiOgbuanya@users.noreply.github.com> Date: Mon, 18 May 2026 13:09:13 -0700 Subject: [PATCH 6/6] Add Get-SecureBootSVN to SecureBoot documentation Added Get-SecureBootSVN function to documentation. --- docset/winserver2022-ps/SecureBoot/SecureBoot.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docset/winserver2022-ps/SecureBoot/SecureBoot.md b/docset/winserver2022-ps/SecureBoot/SecureBoot.md index bab9d92416..4129d0dd9e 100644 --- a/docset/winserver2022-ps/SecureBoot/SecureBoot.md +++ b/docset/winserver2022-ps/SecureBoot/SecureBoot.md @@ -29,4 +29,5 @@ Gets the UEFI variable values related to Secure Boot. ### [Set-SecureBootUEFI](./Set-SecureBootUEFI.md) Sets the Secure Boot-related UEFI variables. - +### [Get-SecureBootSVN](./Get-SecureBootSVN.md) +Gets Secure Boot Security Version Number (SVN) information and compliance status for the system firmware and boot manager