Secure Boot certificates issued by Microsoft will expire in June 2026, prompting a required update for Windows and some Linux devices. The UEFI Secure Boot feature, used on PCs and servers since 2011, relies on digital certificates stored in the UEFI database. Four Microsoft certificates dated 2011 are approaching expiration: three in June 2026 and one in October 2026. New certificates released in 2023 must be installed quickly. Devices that do not receive the update will continue to boot normally but will not receive future boot‑sequence updates, including revocation lists or mitigations for newly discovered vulnerabilities. The update is applied at two levels: the UEFI firmware, via manufacturer‑provided updates or manual certificate import, and the operating system, through regular update channels. Managed Windows systems may require IT intervention, while unsupported Windows versions will not receive the new certificates. Linux systems using the Shim bootloader signed by Microsoft must also update.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.