Updated · heise online · Apr 28
Microsoft Defender adds dashboard to track expiring Secure Boot certificates

9 articles
  • The new enterprise view shows 2023 certificate deployment across managed devices and classifies systems as Exposed, Compliant or Not applicable.
  • Microsoft says devices still boot without the update but cannot enforce newer early-boot protections, increasing exposure to tampered boot components, persistence techniques and other pre-OS attacks.
  • Admins can filter and export device data, while Windows Security covers individual PCs; Microsoft has warned since June 2025, and servers still require manual certificate deployment rather than automatic updates.
With the June deadline looming, what is the fate of enterprise PCs whose manufacturers fail to provide necessary firmware updates?
Is this massive manual update a sign that the PC's 'root of trust' security model is fundamentally broken?