Just a warning that if you have a PC with Windows 7 and a motherboard from ASUS with UEFI, you should avoid installing the BitLocker patch KB 3133977. Microsoft switched this patch from optional to recommended on April 12 and in recent weeks there have been a lot of reports about Windows 7 machines that suddenly refuse to boot and show red "Secure Boot Violation" warning messages.
The issue here is that ASUS motherboards implement Microsoft Secure Boot by default, but older operating systems like Windows 7 don't support this. After installing the KB3133977 update, the system detects inconsistent OS loader keys, which results in boot failure. ASUS provides a FAQ over here.
After you install update 3133977 on a Windows 7 x64-based system that includes an Asus-based main board, the system does not start, and it generates a Secure Boot error on the Asus BIOS screen. This problem occurs because Asus allowed the main board to enable the Secure Boot process even though Windows 7 does not support this feature.
To resolve this problem, go to the following Asus support website to learn how to disable Secure Boot for Windows 7:
Note The Secure Boot feature is supported in Windows 10. To learn more about the security advantages of this feature and about the upgrade path from Windows 7 to Windows 10, go to the following Windows website: