Some commands in Ventoy grub can modify the contents of the ISO and must be disabled for users to use on their own under secure boot. Feedback is welcome If your tested hardware or image file is not listed here, please tell me and I will be glad to add it to the table here. Windows 7 32-bit does not support UEFI32 - you must use Win7 64-bit.. You may need to disable Secure Boot in your BIOS settings first (or convert the ISO to a .imgPTN23 file using the MPI Tool Kit). No bootfile found for UEFI, maybe the image doesnt support ia32 uefi error, asus t100ta Kinda solved: Cant install arch, but can install linux mint 64 bit. https://abf.openmandriva.org/platforms/cooker/products/4/product_build_lists/3250 Yeah, I think UEFI LoadImage()/StarImage(), which is what you'd call to chain load the UEFI bootloader, are set to validate the loaded image for Secure Boot and not launch it for unsigned/broken images, if Secure Boot is enabled (but I admit I haven't formally validated that). same here on ThinkPad x13 as for @rderooy There are also third-party tools that can be used to check faulty or fake USB sticks. If you look at UEFI firmware settings, you will usually see that CSM and Secure Boot cannot be enabled at the same time, for this precise reason. So as @pbatard said, the secure boot solution is a stopgap and that's why Ventoy is still at 1.0.XX. You can have BIOS with TPM and disk encryption and, provided your hardware manufacturer implements anti tampering protection to ensure that the TPM is not sharing data it shouldn't share with parts of the system that should not be trusted, it should be no less secure than TPM-based encryption on a Secure Boot enabled system. Yet, that is technically what Ventoy does if you enrol it for Secure Boot, as it makes it look like any bootloader, that wasn't signed by Microsoft, was signed by Microsoft. Reply. No idea what's wrong with the sound lol. For example, how to get Ventoy's grub signed with MS key. Now, if Microsoft finally relinquished their abusive policy about not accepting GPLv3 code for Secure Boot signing and Ventoy was updated not to allow unsigned bootloaders when Secure Boot is enabled (i.e. Main Edition Support. Tried it yesterday. Ventoy is an open source tool that lets you create a bootable USB drive for ISO files. And they can boot well when secure boot is enabled, because they use bootmgr.efi directly from Windows iso. 2.-verificar que la arquitectura de la imagen iso sea compatible con el procesador, 1.-modo uefi: Sorry for the late test. ? I should also note that the key used in Ventoy is the same used in Super UEFIinSecureBoot Disk, my key. Tested ISO: https://github.com/rescuezilla/rescuezilla/releases/download/2.4/rescuezilla-2.4-64bit.jammy.iso. I didn't expect this folder to be an issue. Does the iso boot from s VM as a virtual DVD? Results when tested on different models\types of x86 computers - amount of RAM, make/model, latest BIOS? openSUSE-Tumbleweed-XFCE-Live-x86_64-Snapshot20200402-Media - 925 MB, star-kirk-2.1.0-xfce-amd64-live.iso - 518 MB, Porteus-CINNAMON-v5.0rc1-x86_64.iso - 300 MB I'll see if I can find some time in the next two weeks to play with your solution, but don't hold your breath. This means current is ARM64 UEFI mode. It also happens when running Ventoy in QEMU. slax 15.0 boots https://www.youtube.com/watch?v=-mv6Cbew_y8&t=1m13s. Maybe the image does not support X64 UEFI" VMware or VirtualBox) By the way, since I do want to bring that message home for people who might be tempted to place a bit too much trust in TPMs, disk encryption and Secure Boot, what the NSA would most likely do, if they wanted to access your encrypted disk data on an x86 PC, is issue a secret executive order to Intel or AMD, to design special version of the CPU they need, where the serial can be altered programmatically (so that they can clone the serial from the original CPU in case the TPM checks it) and that includes additional logic and EPROM to detect and store the critical data (such as disk decryption keys) when accessed. Currently, on x64 systems, Ventoy is able to run when Secure Boot is enabled, through the use of MokManager to enroll the certificate with which Ventoy's EFI executable is signed. @pbatard I've been studying doing something like that for UEFI:NTFS in case Microsoft rlinquishes their stupid "no GPLv3" policy on Secure Boot signing, and I don't see it as that difficult when there are UEFI APIs you can rely on to do the 4 steps I highlighted. You signed in with another tab or window. Posts: 15 Threads: 4 Joined: Apr 2020 Reputation: 0 0 2. In Windows, Ventoy2Disk.exe will only list the device removable and in USB interface type by default. @pbatard, if that's what what your concern, that could be easily fixed by deleting grubia32.efi and grubx64.efi in /EFI/BOOT, and renaming grubia32_real.efi grubia32.efi, grubx64_real.efi grubx64.efi. my pleasure and gladly happen :) Passware Kit Forensic , on Legacy mode booting successfully but on UEFI returns to Ventoy. Well occasionally send you account related emails. Sign in The text was updated successfully, but these errors were encountered: Please test this ISO file with VirtualMachine(e.g. https://abf.openmandriva.org/product_build_lists. Do I need a custom shim protocol? Will these functions in Ventoy be disabled if Secure Boot is detected? 1.0.84 AA64 www.ventoy.net ===> @adrian15, could you tell us your progress on this? Ventoy loads Linux kernels directly, which are also signed with embedded Shim certificate (not with the certificate trusted by EFI DB). If anyone has an issue - please state full and accurate details. Nevertheless, thanks for the explanation, it cleared up some things for me around the threat model of Secure Boot. It woks only with fallback graphic mode. Go ahead and download Rufus from here. Already have an account? With this option, in theory, Ventoy can boot fine no matter whether the secure boot in the BIOS is enabled or disabled. Getting the same error with Arch Linux. Ventoy also supports BIOS Legacy. Maybe we should just ask the user 'This file is not signed by Microsoft for 'Secure Boot' - do you still wish to boot from it?' Can I reformat the 1st (bigger) partition ? only ventoy give error "No bootfile found for UEFI! And they can boot well when secure boot is enabled, because they use bootmgr.efi directly from Windows iso. 3. 1. The main point of Secure Boot is to prevent (or at least warn about) the execution of bootloaders that have not been vetted by Microsoft or one of the third parties that Microsoft signed a shim for (such as Red Hat). The current Secure Boot implementation should be renamed from "Secure Boot support" to "Secure Boot circumvention/bypass", the documentation should state about its pros and cons, and Ventoy should probably ask to delete enrolled key (or at least include KeyTool, it's open-source). You can copy several ISO files at a time, and Ventoy will offer a boot menu where you can select them. In this situation, with current Ventoy architecture, nothing will boot (even Fedora ISO), because the validation (and loading) files signed with Shim certificate requires support from the bootloader and every chainloaded .efi file (it uses custom protocol, regular EFI functions can't be used. This completely defeats Secure Boot and should not happen, as the only EFI bootloader that should be whitelisted for Secure Boot should be Ventoy itself, and any other EFI bootloader should still be required to pass Secure Boot validation. We talk about secure boot, not secure system. And of course, people expect that if they run UEFIinSecureBoot or similar software, whose goal is explicitly stated as such, it will effectively remove Secure Boot. I will not release 1.1.0 until a relatively perfect secure boot solution. Thank you for your suggestions! bionicpup64-8.0-uefi.iso Legacy+UEFI tested with VM, ZeroShell-3.9.3-X86.iso Legacy tested with VM, slax-64bit-9.11.0.iso Legacy tested with VM. snallinux-.6-x86_64.iso - 1.40 GB Astra Linux , supports UEFI , booting successfully. Ventoy is an open source tool to create a bootable USB drive for ISO/WIM/IMG/VHD (x)/EFI files. I was just objecting to your claim that Secure Boot is useless when someone has physical access to the device, which I don't think is true, as it is still (afaik) required for TPM-based encryption to work correctly. if this issue was addressed), it could probably be Secure Boot signed, in the same manner as UEFI:NTFS was itself Secure Boot signed. to your account, Hi ! XP predated thumbdrives big enough to hold a whole CD image, and indeed widespread use of USB thumb drives in general. ", https://drive.google.com/file/d/1_mYChRFanLEdyttDvT-cn6zH0o6KX7Th/view 3. I have installed Ventoy on my USB and I have added ISO file: "Win10SupperLite_TeamOS_Edition.iso" Optional custom shim protocol registration (not included in this build, creates issues). It looks cool. Option 1: Completly by pass the secure boot like the current release. screenshots if possible Does shim still needed in this case? I cannot boot into Ventoy with Secure Boot enabled on my machine though, it only boots when I disable Secure Boot in BIOS. https://nyancat.fandom.com/wiki/MEMZ_Nyan_Cat https://www.youtube.com/watch?v=-mv6Cbew_y8&t=1m13s. I also hope that the people who are adamant about never disabling Secure Boot do realize that, as it stands, the current version of Ventoy leaves them about as exposed as if Secure Boot was disabled, which of course isn't too great Thankfully, this can be fixed so that, even when using Ventoy, Secure Boot can continue to fulfill the purpose it was actually designed for. @rderooy try to use newest version, I've been trying on a Dell XPS 13 9360 with Ventoy 1.0.34 UEFI running and Memtest86-4.3.7.iso does not work. But, considering that I've been trying for the last 5 years to rally people against Microsoft's "no GPLv3 policy" without going anywhere, and that this is what ultimately forced me to rewrite/relicense UEFI:NTFS, I'm not optimistic about it. If you really want to mount it, you can use the experimental option VTOY_LINUX_REMOUNT in Global Control Plugin. It works for me if rename extension to .img - tested on a Lenovo IdeaPad 300. But it shouldn't be to the user to do that. When ventoy detects this file, it will not search the directory and all the subdirectories for iso files. ^^ maybe a lenovo / thinkpad / thinkcentre issue ? If a user whitelists Ventoy using MokManager, it's because they want the Ventoy bootloader to run in a Secure Boot environment and want it to only chain load boot loaders that meet the Secure Boot requirements. So all Ventoy's behavior doesn't change the secure boot policy. The MX21_February_x64.iso seems OK in VirtualBox for me. The USB partition shows very slow after install Ventoy. Ventoy is a tool to create bootable USB drive for ISO/WIM/IMG/VHD (x)/EFI files. You can grab latest ISO files here : Ventoy can boot any wim file and inject any user code into it. Porteus-CINNAMON-v4.0-x86_64.iso - 321 MB, APorteus-MULTI-v20.03.19-x86_64.iso - 400 MB, Fedora-Security-Live-x86_64-32_Beta-1.2.iso - 1.92 GB, Paragon_Hard_Disk_Manager_15_Premium_10.1.25.1137_WinPE_x64.iso - 514 MB, pureos-9.0-plasma-live_20200328-amd64.hybrid.iso - 1.65 GB, pfSense-CE-2.4.5-RELEASE-amd64.iso - 738 MB, FreeBSD-13.0-CURRENT-amd64-20200319-r359106-disc1.iso - 928 MB, wifislax64-1.1-final.iso - 2.18 GB Please follow About file checksum to checksum the file. Option 2: Only boot .efi file with valid signature. As Ventoy itself is not signed with Microsoft key. That's because, if they did want to boot non Secure Boot enabled ones, they would disable Secure Boot themselves. JonnyTech's response seems the likely circumstance - however: I've However, some ISO files dont support UEFI mode so booting those files in UEFI will not work. You can't. Follow the guide below to quickly find a solution. ventoy_x64.efi/ventoy_util_x64.efi ) , they do need digital signatures. espero les sirva, pueden usar rufus, ventoy, easy to boot, etc. It should be specially noted that, no matter USB drive or local disk, all the data will be lost after install Ventoy, please be very careful. @steve6375 I've mounted that partition and deleted EFI folder but it's still recognized as EFI, both in Windows Disk Management and the BIOS, just doesn't boot anymore. But . All the userspace applications don't need to be signed. There are many kinds of WinPE. Will it boot fine? Download non-free firmware archive. unsigned kernel still can not be booted. All other distros can not be booted. @blackcrack The injection is just like that I extract the ubuntu.iso and change/add some script and create an new ISO file. Then your life is simplified to Persistence management while each of the 2 (Ventoy or SG2D) provide the ability to boot Windows if it is installed on any local . It's the job of Ventoy's custom GRUB to ensure that what is being chainloaded is Secure Boot compliant because that's what users will expect from a trustworthy boot application in a Secure Boot environment. @ventoy Ventoy will search all the directories and sub directories recursively to find all the iso files and list them in the boot menu. Delete the Ventoy secure boot key to fix this issue. However, I'm not sure whether chainloading of shims are allowed, and how it would work if you try to load for example Ubuntu when you already have Fedora's shim loaded. @steve6375 due to UEFI setup password in a corporate laptop which the user don't know. And unfortunately, because Ventoy is derived from GRUB 2.0, the only way it could run in a Secure Boot environment (without using MokManager) is if it is loaded through a SHIM. and leave it up to the user. Its ok. It only causes problems. Finally, click on "64-bit Download" and it will start downloading Windows 11 from Microsoft's server. Sign in On Mon, Feb 22, 2021 at 12:25 PM Steve Si ***@***. Ventoy up to 1.0.12 used the /dev/mapper/ventoy approach to boot. . Google for how to make an iso uefi bootable for more info. This means current is MIPS64EL UEFI mode. @ventoy I can confirm this, using the exact same iso. The file size will be over 5 GB. It is pointless to try to enforce Secure Boot from a USB drive. Maybe the image does not support X64 UEFI! Yes, I already understood my mistake. privacy statement. , Laptop based platform: Tried the same ISOs in Easy2Boot and they worked for me. Does the iso boot from a VM as a virtual DVD? if this issue was addressed), it could probably be Secure Boot signed, in the same manner as UEFI:NTFS was itself Secure Boot signed. MediCAT So the new ISO file can be booted fine in a secure boot enviroment. Thank you! What's going on here? Thank you both for your replies. But that not means they trust all the distros booted by Ventoy. Just some of my thoughts: Format XFS in Linux: sudo mkfs -t xfs /dev/sdb1, It may be related to the motherboard USB 2.0/3.0 port. When the user is away again, remove your TPM-exfiltration CPU and place the old one back. DiskGenius It means that the secure boot solution doesn't work with your machine, so you need to turn off the option, and disable secure boot in the BIOS. Fedora/Ubuntu/xxx). They do not provide a legacy boot option if there is a fat partition with an /EFI folder on it. Have a question about this project? Option 1: doesn't support secure boot at all I installed ventoy-1.0.32 and replace the .efi files. I was able to create a Rufus image using "GPT for UEFI" and the latest Windows ISO (1709 updated in 12/2017). On my other Laptop from other Manufacturer is booting without error. Asks for full pathname of shell. It is designed to protect a system against malicious code being loaded and executed early in the boot process, before the operating system has been loaded. Parrot-security-4.9.1_x64.iso - 3.8 GB, eos-eos3.7-amd64-amd64.200310-013107.base.iso - 2.83 GB, minimal_linux_live_15-Dec-2019_64-bit_mixed.iso - 18.9 MB, OracleLinux-R7-U3-Server-x86_64-dvd.iso - 4.64 GB, backbox-6-desktop-amd64.iso - 2.51 GB Is there a way to force Ventoy to boot in Legacy mode? Using Ventoy-1.0.08, ubuntudde-20.04-amd64-desktop.iso is still unable to boot under uefi. Sorry, I meant to upgrade from the older version of Windows 11 to 22H2. However, users have reported issues with Ventoy not working properly and encountering booting issues. Maybe the image does not support x64 uefi. If you burn the image to a CD, and use a USB CD drive, I bet you find it will install fine. So from ventoy 1.0.09, an option for secure boot is added in Ventoy2Disk.exe/Ventoy2Disk.sh and default is disabled. Select the images files you want to back up on the USB drive and copy them. Latest Laptop UEFI 64+SECURE BOOT ON Blocked message. Keeping Ventoy and ISO files updated can help avoid any future booting issues with Ventoy. to your account, MB: GA-P110-D3, CPU: Intel Core i5 6400, RAM: 8GB DDR4, GPU: IGFX + NVIDIA GT730, MB: GA-H81M-S2PV, CPU : Intel Core i3 4650, RAM 8GB DDR3 GPU: IGFX, slitaz-rolling-core-5in1.iso @ValdikSS, I'm not seeing much being debated, when the link you point to appears to indicate that pretty much everybody is in agreement that loading unsigned kernels from GRUB, in a Secure Boot environment, is a bug (hence why it was reported as such). Worked fine for me on my Thinkpad T420. I thought that Secure Boot chain of trust is reused for TPM key sealing, but thinking about it more, that wouldn't really work. @ventoy used Super UEFIinSecureBoot Disk files to disable UEFI file policy, that's the easiest way, but not a 'proper' one. Open File Explorer and head to the directory where you keep your boot images. Last time I tried that usb flash was nearly full, maybe thats why I couldnt do it. Its also a bit faster than openbsd, at least from my experience. I checked and they don't work. Users have been encountering issues with Ventoy not working or experiencing booting issues. Expect working results in 3 months maximum. Fedora-Security-Live-x86_64-Rawhide-20200526.n.0 - 1.95 GB, guix-system-install-1.1.0.x86_64-linux.iso - 550 MB, ipfire-2.25.x86_64-full-core143.iso - 280 MB, SpringdaleLinux-8.1-x86_64-netinst.iso - 580 MB, Acronis.True.Image.2020.v24.6.1.25700.Boot.CD.iso - 690 MB, O-O.BlueCon.Admin.17.0.7024.WinPE.iso - 480 MB, adelie-live-x86_64-1.0-rc1-20200202.iso - 140 MB, fhclive-USB-2019.02_kernel-4.4.178_amd64.iso - 450 MB, MiniTool.Partition.Wizard.Technician.WinPE.11.5.iso - 390 MB, AOMEI.Backupper.Technician.Plus.5.6.0_UEFI.iso - 380 MB, O-O.DiskImage.Professional.14.0.321.WinPE.iso - 380 MB, EaseUS.Data.Recovery.Wizard.WinPE.13.2.iso - 390 MB, Active.Boot.Disk.15.0.6.x64.WinPE.iso - 400 MB, Active.Data.Studio.15.0.0.Boot.Disk.x64.iso - 550 MB, EASEUS.Partition.Master.13.5.Technician.Edition.WinPE.x64.iso - 500 MB, Macrium_Reflect_Workstation_PE_v7.2.4797.iso - 280 MB, Paragon.Hard.Disk.Manager.Advanced.17.13.1.x64.WinPE.iso - 400 MB, Passware.Kit.Forensic.2017.1.1.Win.10-64bit.BootCD.iso - 350 MB, orel-2.12.22-26.12.2019_13.14.livecd.iso - 1.1 GB, rocksolid-signage-release-installer-1.13.4-1.iso - 1.3 GB, manjaro-kde-20.0-rc3-200422-linux56.iso - 3 GB, OpenStage-2020.03-xfce4-x86_64.iso - 1.70 GB, resilientlinux-installer-amd64-2.2.iso - 2.20 GB, virage-beowulf-3.0-x86-64-UEFI-20191110_1146.iso - 1.30 GB, BlackWeb-Unleashed.19.11-amd64.hybrid.iso - 3 GB, yunohost-stretch-3.6.4.6-amd64-stable.iso - 400 MB, OpenMandrivaLx.4.2-snapshot-plasma.x86_64.iso - 2.10 GB Hope it would helps, @ventoy I still have this error on z580 with ventoy 1.0.16. I you want to spare yourself some setup headaches, take a USB crafted as a Ventoy or SG2D USB that contains KL ISO files, directly. Set the VM to UEFI mode and connect the ISO file directly to the VM and boot. How to mount the ISO partition in Linux after boot ? It's what Secure Boot is designed to do on account of being a trust chain mechanism that, when enabled, MUST alert if trust is broken. Tried with archlinux-2021.05.01-x86_64 which is listed as compatible and it is working flawlessly. You literally move files around and use a text editor to edit theme.text, ventoy.json, and so on. So any method that allows users to boot their media without having to explicitly disable Secure Boot can be seen as a nice thing to have even if it comes at the price of reducing the overall security of one's computer. I can provide an option in ventoy.json for user who want to bypass secure boot. Then congratulations: You have completely removed any benefits of using Secure Boot for any person who enrolled Ventoy on their Secure Boot computer. Link: https://www.mediafire.com/file/5zui8pq5p0p9zug/Windows10_SuperLite_TeamOS_Edition.iso/file But, just like GRUB, I assert that this matter needs to be treated as a bug that warrants fixing, which is the reason I created this issue in the first place. @pbatard, have you tested it? This will disable validation policy override, making Secure Book work as desired: it will load only signed files (+ files signed with SHIM MOK key). If the secure boot is enabled in the BIOS, the following screen should be displayed when boot Ventoy at thte first time. DSAService.exe (Intel Driver & Support Assistant). The only way to make Ventoy boot in secure boot is to enroll the key. If that was the case, I would most likely sign Ventoy for my SHIM (provided it doesn't let through unsigned bootloaders when Secure Boot is enabled, which is the precise issue we are trying to solve) since, even if it's supposed to be a competitor of Rufus, I think it's a very nice solution and I'm always more than happy to direct people who would like to have a multiboot version of Rufus to use Ventoy instead. It was working for hours before finally failing with a non-specific error. Sign in I have used OSFMount to convert the img file of memtest v8 to iso but I have encountered the same issue. Secure Boot is disabled in the BIOS on both systems, and the ISO boots just fine if I write it directly to a USB stick with Fedora Image Writer. @DocAciD I don't have a Lenovo, ThinkPad or a ThinkCentre, Getting the same on TinyCoreLiInux (CorePlus), URL; http://tinycorelinux.net/downloads.html, The ISO must be UEFI-bootable and have a UEFI64 boot file \EFI\BOOT\BOOTX64.EFI If you pull the USB drive out immediately after finish copy a big ISO file, most probably the file in the USB will be corrupted. preloader-for-ventoy-prerelease-1.0.40.zip, https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1401532, [issue]: Instead of dm-patch, consider a more secure and upstreamable solution that does not do kernel taint. https://forum.porteus.org/viewtopic.php?t=4997. Ventoy Binary Notes: This website is underprovisioned, so please download ventoy in the follows: (remember to check the SHA-256 hash) https://github.com/ventoy/Ventoy/releases Source Code Ventoy's source code is maintained on both Github and Gitee. to be used in Super GRUB2 Disk. This seem to be disabled in Ventoy's custom GRUB). Another issue about Porteus and Aporteus : if we copy ISO via dd or other tools or copy ISO contents to EFI partition of USB work perfectly in UEFI. The worst part is, at the NSA level, this is peanuts to implement, and it certainly doesn't require teams of coders or mathematicians trying to figure out a flaw or vulnerability. There are many suggestion to use tools which make an ISO bootable with UEFI on a flash disk, however it's not that easy as you can only do that with UEFI-enabled ISO's. By UEFI enabled ISO's I mean that the ISO files contain a BOOT\EFI directory with a EFI bootloader. So, yeah, if you have access to to the hardware, then Secure Boot, TPM or whatever security measure you currently have on consumer-grade products, is pretty much useless because, as long as you can swap hardware components around, or even touch the hardware (to glitch the RAM for instance), then unless the TPM comes with an X-Ray machine that can scan and compare hardware components, you're going to have a very hard time plugging all the many holes through which a dedicated attacker can gain access to your data. How did you get it to be listed by Ventoy? This filesystem offers better compatibility with Window OS, macOS, and Linux. That's actually very hard to do, and IMO is pointless in Ventoy case. cambiar contrasea router nucom; personajes que lucharon por la igualdad de gnero; playa de arena rosa en bahamas; The latest version of Ventoy, an open source program for Windows and Linux to create bootable media using image file formats such as ISO or WMI, introduces experimental support for the IMG file format.. Ventoy distinguishes itself from other programs of its kind, e.g. Edit: Disabling Secure Boot didn't help. In this case, try renaming the efi folder as efixxx, and then see if you get a legacy boot option. Sign up for a free GitHub account to open an issue and contact its maintainers and the community. Vmware) with UEFI mode and to confirm that the ISO file does support UEFI mode. No bootfile found for UEFI! When the user select option 1. Already on GitHub? Hi, thanks for your repley boot i have same error after menu to start hdclone he's go back to the menu with a black windows saying he's loading the iso file to mem and that it freez. Some Legacy BIOS has an access limitation and wont read a disk that exceeds the limitation. they reviewed all the source code). md5sum 6b6daf649ca44fadbd7081fa0f2f9177 The idea that Ventoy users "should know what they are getting into" or that "it's pointless to check UEFI bootloaders for Secure Boot" once Ventoy has been enrolled is disingenuous at best. How to make sure that only valid .efi file can be loaded. This is definitely what you want. Great , I also tested it today on Kabylake , Skylake and Haswell platforms , booted quickly and well. I think it's OK. So maybe Ventoy also need a shim as fedora/ubuntu does. 1.0.84 MIPS www.ventoy.net ===> Let us know in the comments which solution worked for you. https://www.youtube.com/watch?v=F5NFuDCZQ00 privacy statement. No, you don't need to implement anything new in Ventoy. Don't get me wrong, I understand your concerns and support your position. Nierewa Junior Member. . Passware.Kit.Forensic.2017.1.1.Win.10-64bit.BootCD.iso - 350 MB Snail LInux , supports UEFI , booting successfully.