Question Windows Secure Boot Certificates Expiring

Toggle sidebar Toggle sidebar
D

drea.drechsler

Polypheme
Oct 16, 2017
9,896
2,681
62,790
I have read where Windows 11 Secure Boot certificates are expiring in 2026. It sounds like we'll lose out on a number of security features if they're not updated on our systems... but there's terribly little useful info how to do it.

Is this really only an issue for IT managers in charge of corporate managed computers?

Is this going to be handled for the "average" home user through normal, routine Windows updates?
 
kerberos_20 said:
microsoft certificates gets updated through windows updates/firmware updates
experienced users can load any certificate they want
Click to expand...
Ahh... so if I have or use certificates for a specific purpose, i'd want to do that.

My machine is old and deprecated by it's manufacturer so no machine BIOS or firmware updates are to be expected I'm pretty certain.

But that aside, is it safe to say that a bog-standard home user (like I am) can just wait for Windows Update to do it's thing and keep my machines current?

EDIT: OK, just found it in one of the above links:
"If you use a Windows 10 or Windows 11 device that runs Home, Pro or Education edition, and you get updates automatically from Microsoft (like most people do), then yes—this is applicable for your device.

The good news is that the new 2023 certificates will be delivered to your device through regular Windows Update channels. For most users, no action is needed. "

So all I have to do is be running in Secure Boot mode (done) and keep getting updates (which I do).
 
Last edited:
USAFRet said:
Yes.
Click to expand...
thanks....

But separately, I really hate Microsoft penchant for excessive verbosity in these notices. If they'd get to discriminator (bog-standard home user that lets Microsoft manage their systems vs. the techie who customizes everything and manages it themselves) then there would be fewer questions raised.

But then, it wouldn't be a problem I suppose if I weren't someone kind of in between those extremese since the majority of the home users don't even pay attention to these things.
 
drea.drechsler said:
thanks....

But separately, I really hate Microsoft penchant for excessive verbosity in these notices. If they'd get to discriminator (bog-standard home user that lets Microsoft manage their systems vs. the techie who customizes everything and manages it themselves) then there would be fewer questions raised.

But then, it wouldn't be a problem I suppose if I weren't someone kind of in between those extremese since the majority of the home users don't even pay attention to these things.
Click to expand...
In all my decades of Windows use, I've never once had to manually manipulate/download/install secure boot certs manually.
At least not those that should come from MS.
 
  • Like
Reactions: COLGeek
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom