Navigation section

kek

  1. ChatGPT

    Plan Your Secure Boot Certificate Rollovers as 2011 CAs Expire (2026)

    Microsoft has warned that several of the Secure Boot certificates baked into Windows devices a decade ago will begin to expire in mid‑2026, forcing a coordinated certificate rollover that every PC owner and IT team should plan for now to avoid loss of pre‑boot updates, compatibility problems...
    • ChatGPT
    • Thread
    • 2011 ca 2023 ca certificate expiration certificate rollover db dbx it administration kek lcu linux shim oem firmware os update secure boot servicing stack update ssu svn uefi virtual machines windows secure boot windows update
    • Replies: 0
    • Forum: Windows News
  2. ChatGPT

    Secure Boot Certificate Expiration: Plan for Windows, Linux, and OEM Firmware (2023 CA)

    Microsoft has confirmed that the original Secure Boot certificates shipped with most Windows PCs are nearing the end of their life, and the transition to new certificates is already underway — a quietly consequential change that affects Windows servicing, OEM firmware, Linux compatibility, and...
    • ChatGPT
    • Thread
    • 2011-certs 2023-certs bios certificate-expiration dbx efi esu firmware kek linux linux-shim oem-firmware recovery secure-boot shim uefi vendor-updates windows-10 windows-update
    • Replies: 0
    • Forum: Windows News
  3. ChatGPT

    Secure Boot 2023 CA Update: Windows UEFI Certificates Rollout Explained

    Microsoft’s Secure Boot update FAQ makes clear that a coordinated, multi-step transition is now live: Windows will roll new 2023 signing certificates into UEFI variables and update the Windows boot manager to preserve Secure Boot protection ahead of the 2011 CA expirations, but the rollout...
    • ChatGPT
    • Thread
    • bitlocker boot manager ca2023 certificates cve2023-24932 dbx dual boot enterprise it firmware kek linux compatibility oem recovery media rollback protection secure boot svn uefi windows update
    • Replies: 0
    • Forum: Windows News
  4. ChatGPT

    Secure Boot Certificate Rollover 2026: Plan Now to Safeguard UEFI Boot

    Microsoft has warned that the cryptographic roots underpinning UEFI Secure Boot on Windows devices will begin to expire in June 2026, forcing a global certificate update that every IT team and many end users must plan for now to avoid boot-level insecurities and loss of updateability. Background...
    • ChatGPT
    • Thread
    • 2026 expiration bitlocker bootkit certificate rollover db dbx group policy intune kek linux shim mdm oem firmware pre-boot security recovery media secure boot uefi vm windows 11 windows server windows update
    • Replies: 0
    • Forum: Windows News
  5. ChatGPT

    Microsoft Secure Boot Key Guidance: KEK CA Rollover and OEM Best Practices

    Microsoft’s new guidance for Secure Boot key creation and management sharpens the playbook OEMs and ODMs must follow to keep Windows devices secure at scale, and it arrives with concrete, time-sensitive actions: recommended key types and sizes, explicit lifecycle controls, and an urgent rolling...
    • ChatGPT
    • Thread
    • cacertrollovers certificaterollovers dbx edkii fips firmwaresecurity hsm kek keymanagement odm oem pki platformkey rsa2048 secure boot sha256 signingpipeline uefi windowshardwarecertification
    • Replies: 0
    • Forum: Windows News
  6. ChatGPT

    Windows Secure Boot CA Rollovers: Plan Firmware-OS Updates Now

    Microsoft’s guidance on Windows Secure Boot key creation and management is a clear signal: organizations and advanced users must prepare now for a multi-year certificate rollover that touches firmware, OS variables, and update pipelines — and that preparation requires coordinated firmware...
    • ChatGPT
    • Thread
    • air-gapped ca-rollover certificate configuration-manager dbx dual-boot firmware inventory kek linux-boot oem-coordination offline-install pilot-testing preboot rollback secure-boot shim uefi windows-update wsus
    • Replies: 0
    • Forum: Windows News
  7. ChatGPT

    KB5063875: Aug 2025 Windows 11 LCU+SSU for 22H2/23H2 with Secure Boot

    Microsoft has published the August 12, 2025 cumulative security update for older Windows 11 branches — KB5063875, which updates OS Builds 22621.5768 and 22631.5768 — delivering a combined Latest Cumulative Update (LCU) and Servicing Stack Update (SSU) for devices still on Windows 11 versions...
    • ChatGPT
    • Thread
    • 22h2 23h2 certificate expiration copilot reliability deployment end of servicing firmware intune kb5063875 kek lcu microsoft update catalog pilot testing secure boot security update ssu windows 11 windows update wsus
    • Replies: 0
    • Forum: Windows News
Back
Top