Here is a cool video demonstrating how to use EfiGuard: https://www.youtube.com/watch?v=EJGuJp2fqpM. This post will condense the information into a non-video format, and is explicitly for vmware VMs.
- Download the release version of EfiGuard here: https://github.com/Mattiwatti/EfiGuard
- Open an administrator powershell and run the following:
mountvol M: /S cd M:\EFI\Boot copy C:\EfiGuard-v1.2.1\EFI\Boot\Loader.efi . copy C:\EfiGuard-v1.2.1\EFI\Boot\EfiGuardDxe.efi .
The mountvol command with the
/S flag mounts the EFI System Partition on the
M:\ drive. We then copy the specified EfiGuard files into the system partition.
Now we need to configure the bios to booth EfiGuard. Reboot the vm and when the vmware splash screen is showing keep pressing
F2, to get into the BIOS, then go to the setup:
Then go to
Configure boot options:
Then go to
Add boot option:
Select the entry that says
GPT and hit
Loader.efi which is one of the files we copied into this partition
Give the entry a name and commit the changes
Optionally, go to
Change boot order and move the
efiguard entry to the top, else, you will have to manually select it on each reboot.
Open an admin prompt and run the following command
Now patchguard has been disabled.