diff --git a/CHANGELOG.md b/CHANGELOG.md
index df48eb7c4..c4fcf51e6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,9 @@
 # OpenCore Legacy Patcher changelog
 
 ## 0.4.4
+- Lower SIP requirement for Root Patching
+  - Sets to 0x802 (previously 0xA03)
+  - Drops `CSR_ALLOW_UNTRUSTED_KEXTS` and `CSR_ALLOW_UNAPPROVED_KEXTS`
 
 ## 0.4.3
 - Increment Binaries:
diff --git a/data/sip_data.py b/data/sip_data.py
index 814bf83a7..1729df3f0 100644
--- a/data/sip_data.py
+++ b/data/sip_data.py
@@ -122,9 +122,7 @@ class system_integrity_protection:
 
     root_patch_sip_big_sur = [
         # Variables required to root patch in Big Sur and Monterey
-        "CSR_ALLOW_UNTRUSTED_KEXTS",  #            0x1
         "CSR_ALLOW_UNRESTRICTED_FS",  #            0x2   - Required to mount and edit root volume, as well as load modded platform binaries
-        "CSR_ALLOW_UNAPPROVED_KEXTS",  #           0x200
         "CSR_ALLOW_UNAUTHENTICATED_ROOT",  #       0x800 - Required to avoid KC mismatch kernel panic
     ]
 
diff --git a/gui/gui_main.py b/gui/gui_main.py
index 55cb5e3ce..bc5b1351f 100644
--- a/gui/gui_main.py
+++ b/gui/gui_main.py
@@ -2253,7 +2253,7 @@ class wx_python_gui:
         elif self.constants.sip_status is True:
             self.sip_value = 0x00
         else:
-            self.sip_value = 0xa03
+            self.sip_value = 0x802
         
         self.sip_label_2 = wx.StaticText(self.frame, label=f"Currently configured SIP: {hex(self.sip_value)}")
         self.sip_label_2.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_BOLD))
@@ -2262,21 +2262,21 @@ class wx_python_gui:
         )
         self.sip_label_2.Center(wx.HORIZONTAL)
 
-        self.sip_label_3 = wx.StaticText(self.frame, label="For older Macs requiring root patching, we set SIP to\n be partially disabled (0xa03) to allow root patching.")
+        self.sip_label_3 = wx.StaticText(self.frame, label="For older Macs requiring root patching, we set SIP to\n be partially disabled (0x802) to allow root patching.")
         self.sip_label_3.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
         self.sip_label_3.SetPosition(
             wx.Point(self.sip_label_2.GetPosition().x, self.sip_label_2.GetPosition().y + self.sip_label_2.GetSize().height + 10)
         )
         self.sip_label_3.Center(wx.HORIZONTAL)
 
-        self.sip_label_4 = wx.StaticText(self.frame, label="This value (0xa03) corresponds to the following bits in csr.h:")
+        self.sip_label_4 = wx.StaticText(self.frame, label="This value (0x802) corresponds to the following bits in csr.h:")
         self.sip_label_4.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
         self.sip_label_4.SetPosition(
             wx.Point(self.sip_label_3.GetPosition().x, self.sip_label_3.GetPosition().y + self.sip_label_3.GetSize().height + 5)
         )
         self.sip_label_4.Center(wx.HORIZONTAL)
 
-        self.sip_label_5 = wx.StaticText(self.frame, label="   0x1     - CSR_ALLOW_UNTRUSTED_KEXTS\n   0x2     - CSR_ALLOW_UNRESTRICTED_FS\n   0x200 - CSR_ALLOW_UNAPPROVED_KEXTS\n   0x800 - CSR_ALLOW_UNAUTHENTICATED_ROOT")
+        self.sip_label_5 = wx.StaticText(self.frame, label="   0x2     - CSR_ALLOW_UNRESTRICTED_FS\n   0x800 - CSR_ALLOW_UNAUTHENTICATED_ROOT")
         self.sip_label_5.SetFont(wx.Font(12, wx.FONTFAMILY_DEFAULT, wx.FONTSTYLE_NORMAL, wx.FONTWEIGHT_NORMAL))
         self.sip_label_5.SetPosition(
             wx.Point(self.sip_label_4.GetPosition().x, self.sip_label_4.GetPosition().y + self.sip_label_4.GetSize().height + 7)
@@ -2329,7 +2329,7 @@ OpenCore Legacy Patcher by default knows the most ideal
         if hex(self.sip_value) == "0x0":
             self.constants.custom_sip_value = None
             self.constants.sip_status = True
-        elif hex(self.sip_value) == "0xa03":
+        elif hex(self.sip_value) == "0x802":
             self.constants.custom_sip_value = None
             self.constants.sip_status = False
         else:
diff --git a/resources/build.py b/resources/build.py
index a0ea81244..b97ce04a5 100644
--- a/resources/build.py
+++ b/resources/build.py
@@ -863,7 +863,7 @@ class BuildOpenCore:
             self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = utilities.string_to_hex(self.constants.custom_sip_value.lstrip("0x"))
         elif self.constants.sip_status is False:
             print("- Set SIP to allow Root Volume patching")
-            self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = binascii.unhexlify("030A0000")
+            self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["csr-active-config"] = binascii.unhexlify("02080000")
         # if self.constants.amfi_status is False:
         #     print("- Disabling AMFI")
         #     self.config["NVRAM"]["Add"]["7C436110-AB2A-4BBB-A880-FE41995C9F82"]["boot-args"] += " amfi_get_out_of_my_way=1"
diff --git a/resources/cli_menu.py b/resources/cli_menu.py
index 5bbf8aca9..ba8cb35ab 100644
--- a/resources/cli_menu.py
+++ b/resources/cli_menu.py
@@ -174,7 +174,7 @@ Note: For security reasons, OpenShell will be disabled when Vault is set.
         print(
             f"""SIP is used to ensure proper secuirty measures are set,
 however to patch the root volume this must be lowered partially.
-Only disable is absolutely necessary. SIP value = 0xA03
+Only disable is absolutely necessary. SIP value = 0x802
 
 Valid options: