BIOS Archives

Winsage

March 7, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011, embedded in the motherboard's firmware, to ensure a secure boot process. The first of these certificates will expire on June 24, 2026, which will affect the ability to receive future security updates for critical components of the Windows startup process. Microsoft is rolling out replacement certificates through Windows Update, marking a significant security maintenance effort. Secure Boot operates as a chain of trust with certificates stored in the motherboard's UEFI firmware, validating software before the operating system loads. The Platform Key (PK) is at the top of this chain, followed by the Key Exchange Key (KEK) and the Signature Database (DB). The replacement certificates introduced in 2023 restructure certificate management, separating responsibilities among different certificate authorities to enhance the trust model. Not all PCs are affected by the upcoming expiration; newer devices manufactured since 2024 already have the new certificates. Windows 10 users face challenges as support for this version ends in October 2025, and they will not receive the new certificates unless enrolled in Extended Security Updates. Home users should ensure their PCs are set to receive updates automatically, while enterprise environments require coordination for firmware updates before the Windows certificate update.

Winsage

March 6, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011 for boot process integrity. The first of these certificates will expire on June 24, 2026, impacting the ability to receive future security updates. Microsoft is rolling out replacement certificates through Windows Update, requiring collaboration between Microsoft, PC manufacturers, and users. Three critical certificates will expire: the Microsoft Corporation KEK CA 2011 and Microsoft UEFI CA 2011 in June 2026, and the Microsoft Windows Production PCA 2011 in October 2026. The new certificates introduced in 2023 have a restructured functionality to enhance security. Not all PCs are affected; newer devices manufactured since 2024 come with the new certificates. Windows 10 users face challenges as support ends in October 2025, and unsupported devices will not receive updates. Home users should ensure automatic Windows updates and check for firmware updates, while enterprise environments must verify firmware updates before applying certificate updates. The first certificate expiration is on June 27, 2026.

AppWizard

March 6, 2026

ChatGPT Android App Preps Seamless Session Memory

OpenAI is refining its ChatGPT Android app with version 1.2026.062, introducing a persistent app-level memory feature that allows users to return to their previous activities after switching applications or force-closing the app. This update also includes improvements in image editing, a new "Fun facts" section for profiles, and a potential transition to a full-screen menu for better navigation. The memory feature preserves the exact state within ChatGPT, addressing disruptions caused by mobile operating systems pausing background applications. The redesign of the image editing interface emphasizes an action-first approach, making tools more accessible. The enhancements aim to reduce user frustration, improve usability, and facilitate better collaboration for users on shared devices.

Winsage

March 5, 2026

I tested Windows 11 LTSC in 2026, and it’s the best version of Windows 11 without Copilot, AI and other bloat

Windows 11 LTSC (Long-Term Servicing Channel) is a specialized edition of Windows 11 designed for organizations that prioritize stability over the latest features. It allows users to defer feature updates for up to ten years, receiving only monthly quality updates and optional feature updates every three years. LTSC includes only Microsoft Edge as a modern app, with classic versions of Calculator, Notepad, and Paint, and lacks Copilot integration, the Microsoft Store, and Widgets. Users can operate LTSC without signing into a Microsoft account. The version was officially announced in April 2023, with Enterprise and IoT editions set to launch in late 2024. It is suitable for large organizations, industrial systems, IT departments, and IoT devices needing long-term support. General users can download a 90-day trial of LTSC, but a clean installation is required for transitioning from Windows 11 Pro or Home. The minimum system requirements include a 1 GHz processor, 4 GB RAM, and 64 GB storage. LTSC offers advantages such as no bloatware, a stable environment, and a lower storage footprint, but it does not receive new Windows features and lacks access to the Microsoft Store by default.

Winsage

March 1, 2026

Windows 11 Pro Upgrade Now $12.97 in Rare Deal

A Windows 11 Pro license is available for .97, representing a 93% discount from the standard retail price of 9. This license activates on one machine and includes features such as BitLocker full-disk encryption, Windows Sandbox, Hyper-V virtualization, Remote Desktop host, Group Policy, and Domain join support. Windows 11 Pro also integrates Microsoft’s Copilot for AI-assisted tasks and offers workflow enhancements like Snap Layouts and multiple desktops. To qualify for Windows 11, a PC must have a compatible 64-bit CPU, TPM 2.0, Secure Boot, at least 4GB of RAM, and 64GB of storage. Users upgrading from Windows 11 Home typically retain their files and applications. Caution is advised regarding the purchase source to avoid gray-market or region-locked keys. Key differences between Windows 11 Pro and Home include enhanced security and management features, making Pro suitable for users handling sensitive data or requiring remote access.

Winsage

February 27, 2026

Windows Server finally gets ReFS boot support

Microsoft has introduced boot support for the Resilient File System (ReFS) in Windows Server, allowing insiders to boot the server operating system directly from a ReFS volume. This feature has been made available in the latest Windows Server Insider Preview build after a fourteen-year wait since ReFS was launched in 2012. ReFS can detect corruption early and address issues online, eliminating the need for chkdsk, and supports volumes up to 35 petabytes. It also includes block cloning and sparse provisioning technologies for efficient file management. To use ReFS boot, organizations must install the latest Windows Server vNext Insider Preview with a minimum build number of 29531.1000.260206-1841, format the system partition as ReFS, and ensure UEFI firmware is used.

Winsage

February 23, 2026

Don’t Buy a Refurbished or Used Windows 10 Computer

The author explored used and refurbished laptops for a testing lab, focusing on budget-friendly options, particularly those running Windows 10. Microsoft has ceased support for Windows 10, leaving users vulnerable to security risks compared to those using Windows 11. Many Windows 10 devices may not support an upgrade to Windows 11, making them less desirable despite their lower prices. Users are advised to consider the importance of security and check compatibility with Windows 11 before purchasing. Devices manufactured in the last five years are more likely to support the upgrade. Indicators that a computer may not support Windows 11 include being manufactured before 2019, having an older processor, running a version of Windows earlier than 10, or lacking support for Secure Boot, TPM, or UEFI. If a computer is kept offline, the operating system's importance is reduced, but this scenario is rare. The author recommends against purchasing Windows 10 devices, as refurbished Windows 11 models are only slightly more expensive and offer better security.

Winsage

February 14, 2026

Windows 98 On A 2020 ThinkPad P14s Gen 1 Laptop

The x86 architecture allows users to run operating systems from the 1990s on modern hardware. Yeo Kheng Meng successfully booted Windows 98 SE on a 2020 ThinkPad P12s Gen 1 alongside Windows 11 and Linux from a single NVMe drive. He previously ran MS-DOS 6.22 on a 2020 ThinkPad X13. The main challenges included UEFI complexities and the need for compatible hardware drivers. Both ThinkPad models support UEFI-CSM mode. To address the lack of xHCI support in Windows 98, Yeo used a USB 2.0 expansion card through a Thunderbolt dock. The installation involved disabling Secure Boot, enabling UEFI-CSM, activating Thunderbolt BIOS assist mode, and turning off Kernel DMA protection. Yeo used the CREGFIX DOS driver for stability and applied patches from Rudolph Loew to overcome Windows 98's RAM limitation of 512 MB. Users must rely on basic VESA support and the SoftGPU driver for graphics acceleration due to the absence of updated drivers from Intel and NVIDIA. Disk access is routed through the BIOS, leading to suboptimal performance. Yeo configured the BIOS to support the S3 power state to address ACPI support issues. UEFI-CSM is often overlooked in newer systems, complicating the installation of Windows 7 and contributing to divides in the x86 ecosystem.

Winsage

February 13, 2026

Microsoft Introduces New Secure Boot Certificates Before June Deadline

The foundational security certificates supporting Windows Secure Boot, introduced in 2011, will expire in mid-2026, specifically in June and October. Microsoft and PC manufacturers are updating the Windows ecosystem to address this. Devices that do not receive updated certificates may face security limitations and compatibility issues with newer operating systems and hardware. The transition is described as a "generational refresh" of the trust infrastructure for Windows. Systems failing to update will still function but may enter a "degraded security state," unable to install new security mitigations or newer operating systems. Most users will receive updates automatically through Windows Update, while older systems may require manual intervention. Systems at risk include those running unsupported Windows versions, with Secure Boot disabled, or not enrolled in Extended Security Updates. Users should check their Secure Boot status using PowerShell commands to ensure they are using the new certificates. The update affects not only Windows PCs but also other devices utilizing UEFI Secure Boot.

Winsage

January 31, 2026

Final day to get Windows 11 Pro for just $10

A promotion has reduced the price of Windows 11 Pro to a significant discount, making it an attractive option for users currently on Windows 10 or the Home edition of Windows 11. The offer represents a 94% discount from the standard retail price and is a rare opportunity for a current-generation Windows Pro license. Windows 11 Pro includes features such as Snap Layouts, multiple desktops, BitLocker device encryption, Windows Information Protection, Hyper-V virtualization, and Remote Desktop capabilities. It requires a compatible 64-bit CPU, TPM 2.0, Secure Boot, at least 4GB of RAM, and adequate storage. Users are advised to purchase from reputable sellers to avoid issues with activation or legitimacy of the license.