Updated
Updated · Windows Central · May 2
Windows PCs face security risks as Secure Boot certificates expire
Updated
Updated · Windows Central · May 2

Windows PCs face security risks as Secure Boot certificates expire

13 articles · Updated · Windows Central · May 2
  • Certificates first deployed in 2011 expire in June 2026; Microsoft says most Windows 11 devices will update automatically, while some older machines need OEM firmware fixes.
  • Unsupported systems, including Windows 10 without Extended Security Updates, will not get new certificates, leaving weaker boot protection and possible driver or software problems over time.
  • Windows 10 PCs enrolled in ESU should receive updates through Windows Update, but many ageing computers unable to run Windows 11 may remain exposed unless users upgrade or find manual workarounds.
As millions of Secure Boot certificates expire in 2026, could legacy PCs face permanent security risks or eventual lockout if OEMs stop supporting updates?
With the new certificate rollout, what hidden challenges might IT admins face managing BitLocker, firmware updates, and mixed device fleets across organizations?

Related Stories

Windows CentralMay 2
memstechtips.comMay 2
guru3d.comMay 2
windowsforum.comMay 2
blog.mindcore.dkMay 2
Windows CentralMay 2
The Windows ClubMay 2
MicrosoftMay 2
elevenforum.comMay 2
Ars TechnicaMay 2
XMay 2
askwoody.comMay 2
linkedinMay 2