Unified Extensible Firmware Interface (UEFI) is a firmware specification designed to improve and replace the older BIOS firmware standard. UEFI is a basic requirement to support the range of Windows firmware security features like TPM Secure Boot. UEFI and these security features are not all new to Windows 10. However, the features have been improved and expanded since their introduction with Windows Vista.
Typically, UEFI is enabled in a device's firmware settings prior to the installation of the OS image. GPT disk partitioning is a requirement for UEFI, along with the FAT32 file format for the primary boot partition.
- In the BIOS device boot process, the BIOS gives control to the Master Boot Record (MBR), and there is only a single MBR per device. MBR is also the disk partitioning format required for BIOS devices. The MBR is located at the start of the disk and contains a boot loader, along with the partitioning information for the disk and which partition is bootable. A BIOS firmware machine simply finds the MBR and executes its boot loader, and has no control or functionality beyond this.
- In contrast, a UEFI device does not have an MBR and instead can have multiple boot loaders. Unlike BIOS devices, with UEFI you can also configure the UEFI boot process from within the operating system. UEFI makes use of a different disk partitioning system called GUID Partition Table (GPT). UEFI provides greater functionality to manage the system boot process. Where BIOS ends at the calling of the boot loader, UEFI extends its control to include the boot loader and even the operating system. It is this built-in functionality that facilitates the additional Windows 10 security features supported with UEFI.
An important difference to note with UEFI is that the firmware checks the GPT partitions to find an EFI Service boot partition, whereas with the BIOS MBR partition table, the partition must be specified with the boot loader only.
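
The MBR/GPT difference described above can be checked directly from the first sectors of a raw disk image. The following Python code is an added example, not part of the original text: it distinguishes a classic MBR disk from a GPT disk and lists the EFI boot partition (the EFI System Partition type GUID) that UEFI firmware searches for. The function names and the sample images are constructed for illustration, 512-byte sectors are assumed, and the GPT CRC fields are not verified.

```python
import struct
import uuid

SECTOR = 512  # assumption: 512-byte logical sectors
ESP_TYPE = uuid.UUID("C12A7328-F81F-11D2-BA4B-00A0C93EC93B")  # EFI System Partition type GUID
MBR_ENTRY = "<B3xB3xII"  # status, (CHS), type, (CHS), first LBA, sector count

def find_esp(image, hdr):
    """Walk the GPT partition entry array and return the EFI System Partitions."""
    lba, count, size = struct.unpack_from("<QII", hdr, 72)  # array LBA, entries, entry size
    found = []
    for i in range(count):
        entry = image[lba * SECTOR + i * size:lba * SECTOR + (i + 1) * size]
        if len(entry) < 128:
            break  # truncated image or malformed entry size
        if uuid.UUID(bytes_le=entry[:16]) == ESP_TYPE:
            first, last = struct.unpack_from("<QQ", entry, 32)
            name = entry[56:128].decode("utf-16-le").rstrip("\x00")
            found.append({"index": i, "first_lba": first, "last_lba": last, "name": name})
    return found

def classify_disk(image):
    """Return the partitioning scheme of a raw disk image and its boot-relevant partitions."""
    mbr = image[:SECTOR]
    if len(mbr) < SECTOR or mbr[510:512] != b"\x55\xaa":
        return {"scheme": "unknown"}
    entries = [struct.unpack_from(MBR_ENTRY, mbr, 446 + 16 * i) for i in range(4)]
    hdr = image[SECTOR:2 * SECTOR]
    # GPT disks keep a protective MBR (type 0xEE) in sector 0; the real table starts at LBA 1.
    if any(e[1] == 0xEE for e in entries) and hdr[:8] == b"EFI PART":
        return {"scheme": "gpt", "esp": find_esp(image, hdr)}
    active = [i for i, e in enumerate(entries) if e[0] == 0x80 and e[1] != 0]  # 0x80 = bootable
    return {"scheme": "mbr", "active": active}

def sample_gpt_image():
    """Constructed 4-sector GPT image: protective MBR, header, one ESP entry (CRCs left zero)."""
    img = bytearray(SECTOR * 4)
    struct.pack_into(MBR_ENTRY, img, 446, 0x00, 0xEE, 1, 0xFFFFFFFF)
    img[510:512] = b"\x55\xaa"
    img[SECTOR:SECTOR + 8] = b"EFI PART"
    struct.pack_into("<QII", img, SECTOR + 72, 2, 4, 128)  # array at LBA 2, 4 x 128-byte entries
    entry = (ESP_TYPE.bytes_le + uuid.UUID(int=1).bytes_le
             + struct.pack("<QQQ", 2048, 206847, 0) + "EFI system partition".encode("utf-16-le"))
    img[2 * SECTOR:2 * SECTOR + len(entry)] = entry
    return bytes(img)

def sample_mbr_image():  # constructed sector 0 of a BIOS/MBR disk, one active type-0x07 partition
    img = bytearray(SECTOR)
    struct.pack_into(MBR_ENTRY, img, 446, 0x80, 0x07, 2048, 204800)
    img[510:512] = b"\x55\xaa"
    return bytes(img)
```

On a real system, pass the first few sectors read from a disk image to `classify_disk`; a GPT result with an empty `esp` list means the firmware has no EFI boot partition to find on that disk.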