The Essentials: Secure Boot certificates from 2011 expired on June 24, 2026; more will follow in October – updates to 2023 certificates fail on some devices, and Microsoft now provides error documentation.
Microsoft offers guidance on errors related to expired Secure Boot certificates: first certificates from 2011 became invalid on June 24, 2026, with more to follow in October. Devices cannot always automatically update to the current 2023 certificates.
Windows Secure Boot infrastructure is undergoing a staggered certificate expiration process. First certificates issued by Microsoft from 2011 expired on June 24, 2026. Additional certificates will expire in October 2026. A transition to newer 2023 certificates is planned, but not all systems experience seamless updates.
Difficulties in updating Secure Boot certificates can have various causes: firmware incompatibility, local boot manager configurations, or restrictions imposed by enterprise policies are possible scenarios. Microsoft has recognized this issue and now documents which error patterns occur and in which scenarios they arise. With this, the company aims to support both IT administrators and system integrators in diagnosis.
For CISOs and IT security officers, this is a task for near-term planning cycles: the transition requires an inventory of the client landscape as well as planning for patches and configuration adjustments. Problems can particularly arise in heterogeneous environments with older or custom boot configurations. Microsoft now provides technical documentation to make exceptions and troubleshooting transparent and comprehensible.
Source: borncity.com · Published June 30, 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.2.