What this means is that if you have UEFI Secure Boot enabled, you can only boot a certified signed image - and at least in the original UEFI specification, the only signing authority was Microsoft.
Installing Linux on your PC is super easy - here's how to do it I will show that it's possible to install, configure, and use this Linux distribution with absolutely no command-line access.
Read More Even worse, in some cases in my own direct experience, different systems from the same OEM have completely different UEFI configuration procedures.
Secure Boot is supposed to be one of the major reasons for the existence of UEFI firmware - but in my opinion it is a ridiculously complex solution for a problem that the vast majority of PC users would never be faced with.
The idea is to certify the boot image(s) on your computer, so that evil-doers can not corrupt or replace them, and thereby penetrate your system.
The first step is fairly easy, and is almost always the same on all systems.