Microsoft expands Secure Boot 2023 certificate update to most Windows 11 and Windows 10 PCs
Microsoft has expanded the rollout of the Secure Boot 2023 certificate update (KB5094126) to most Windows 11 and Windows 10 PCs via the June 2026 Patch Tuesday update. After nearly two years of cautious, phased deployment held back by firmware compatibility checks, the vast majority of supported consumer PCs are now in the high confidence category, meaning the certificates are either already applied or rolling out automatically. The article explains how users can verify their Secure Boot status and what IT administrators need to do to manage the update.
Key quotes
With the June 2026 Patch Tuesday update (KB5094126), Microsoft pushed the Secure Boot 2023 certificate update to a significantly wider set of Windows 11 and Windows 10 devices.
For the better part of two years, this rollout has been cautious and phased, held back by firmware compatibility checks.
The vast majority of supported consumer PCs that Microsoft has diagnostic data for are now in the high confidence category, which means the certificates are either already applied or on their way without any action needed from you.
You might also wanna read
Microsoft Confirms Windows 11 Security Update Causing Boot Failures on Some PCs
Microsoft has confirmed that the January 2026 Windows security update (released January 13) is causing boot failures on some PCs, with devic
windowscentral.com·5mo agoMicrosoft Investigating Windows 11 January 2026 Update Causing Boot Failures on Some PCs
Microsoft is investigating reports that the Windows 11 January 2026 Update (KB5074109) is causing boot failures on some PCs, requiring manua
Understanding Secure Boot Certificate Rollover and Its Impact on Linux Users
The article discusses the implications of Secure Boot certificate rollover, particularly focusing on the claim that Linux users rely on a Mi
Impending Expiration of Microsoft's Key for Linux Secure Boot Raises Concerns
Linux users with Secure Boot enabled may face issues as Microsoft's key used for signing the UEFI bootloader is set to expire in September.
Impending Issue for Linux Users with Secure Boot: Microsoft Key Expiration
Linux users with Secure Boot enabled may face issues as the key from Microsoft used to sign the UEFI bootloader is set to expire in Septembe
Linux Secure Boot faces disruption as Microsoft signing key nears September expiration
Linux users with Secure Boot enabled rely on a Microsoft key for booting that expires in September. Microsoft will stop using this key to si

Comments
Sign in to join the conversation.
No comments yet. Be the first.