boot failures

Winsage
June 29, 2026
Major PC manufacturers, including HP, Dell, ASUS, Lenovo, MSI, Acer, Samsung, LG, and Microsoft’s Surface division, have provided guidance on transitioning to new Secure Boot certificates as the expiration of Microsoft’s 2011 certificates approaches. The expiration will occur in three phases: Microsoft Corporation KEK CA 2011 expired on June 24, 2026; Microsoft UEFI CA 2011 expired on June 27, 2026; and Microsoft Windows Production PCA 2011 is set to expire on October 19, 2026. Microsoft has begun rolling out replacement certificates through Windows Update, contingent on OEMs providing compatible BIOS updates. ASUS offers detailed documentation for both consumer and commercial devices, confirming that most users will receive updates automatically. Lenovo provides direct download links for BIOS updates organized by product family and specifies which products will not receive updates. Dell's support article covers its entire product lineup, noting that devices with an End of Service Life before January 1, 2026, will not receive updates. HP outlines a dual-track approach for updates, with specific timelines for commercial PCs. Microsoft's Surface devices receive updates directly from Microsoft, while MSI categorizes guidance based on processor generation for its laptops. Acer emphasizes backing up the BitLocker recovery key and provides a model table for confirmed BIOS release dates. Samsung confirms that all PCs running Windows 10 or 11 will function normally post-expiration, but security updates will cease. LG has released a guide for checking BIOS updates for its PCs. To verify if a PC has the 2023 certificates, users can check the Secure Boot section in Windows Security. A green checkmark indicates successful application, while yellow or red icons indicate pending updates or incompatibility. Microsoft has pushed the certificates to all eligible devices as of June 2026.
Winsage
June 16, 2026
Windows 11 update KB5094126 (Build 26200.8655), released on June 9, 2026, has caused boot failures, blue screens, and BitLocker recovery prompts for users, particularly affecting business devices from HP and Dell, including models like HP EliteBook 840 G10 and Dell Precision 7530. The issues stem from changes in Secure Boot and EFI partition modifications, with insufficient EFI partition space leading to errors. A workaround involves disabling Secure Boot in BIOS. Additionally, users have reported disruptions with OneDrive and Microsoft Word integration, particularly in enterprise environments. Microsoft has not yet acknowledged these problems.
Winsage
June 15, 2026
Microsoft has expanded the rollout of the Secure Boot 2023 certificate update to more Windows 11 and Windows 10 devices with the June 2026 Patch Tuesday update (KB5094126). This update aims to ensure that most supported consumer PCs are classified as high confidence, meaning necessary certificates are either installed or will be applied automatically. Secure Boot is a firmware security feature that verifies the software attempting to load during the startup process, blocking unauthorized software. The certificates supporting Secure Boot, issued in 2011, are expiring in stages starting June 24, 2026, prompting Microsoft to deploy replacement certificates. Most home users do not need to take manual action as the updates will occur automatically via Windows Update. Users can check their Secure Boot certificate status in the Windows Security app. A yellow warning indicates pending compatibility data, while a red alert suggests a firmware incompatibility requiring a BIOS update. Multiple reboots during the update process are normal, and a new SecureBoot folder in Windows is for staging cryptographic files. Older PCs may experience longer update times, and some may not receive updates due to firmware issues. HP users should check for BIOS updates if encountering BitLocker recovery loops. IT administrators should monitor device classifications and manually initiate updates for devices not in the high confidence category. Devices with Secure Boot disabled cannot receive updates, leaving them vulnerable. The expiration of the Microsoft Corporation KEK CA 2011 certificate on June 24 does not immediately affect device functionality, but it limits Microsoft's ability to sign new bootkit blacklist updates.
Winsage
May 31, 2026
Microsoft is set to introduce a feature for Windows 11 called Cloud-Initiated Driver Recovery (CIDR), which will automatically revert problematic driver updates to stable versions via Windows Update. This feature aims to improve user experience by eliminating the need for manual uninstallation of faulty drivers. CIDR will monitor drivers and, if a driver is found to be problematic, it can initiate a remote rollback to restore a stable version. The process will not require additional software installations or changes to existing workflows for hardware manufacturers. The automated rollback will specifically target only the affected hardware components, ensuring other drivers and system functions remain unaffected. Initial testing for CIDR is scheduled between May and August 2026, with a broader rollout expected in September 2026.
Winsage
May 28, 2026
Microsoft released a mandatory patch (KB5087537) for Windows Server 2016 to enhance cryptographic layers and address critical vulnerabilities. This update is essential for organizations using legacy workloads, as mainstream support ended in January 2022, but extended support continues until January 12, 2027. The patch aims to prepare systems for the expiration of Windows Secure Boot certificates in June 2026, which, if not updated, could compromise security and expose systems to malware. The update uses a phased deployment model and includes a new SecureBoot folder to assist IT professionals in managing certificate status. It also addresses various quality-of-life issues, including bugs affecting Remote Desktop Connection and authentication errors with Microsoft services. However, a significant issue arises when the host server name is exactly 15 characters long, causing failures in the domain controller discovery process and obstructing critical operations. This bug is linked to the historical 15-character limit of NetBIOS, which affects the Active Directory lookup mechanism. Microsoft has acknowledged the issue but has not provided a timeline for a fix, leaving administrators to either rename servers or uninstall the update. As the Secure Boot deadline approaches, IT departments must carefully assess their environments to avoid disruptions while ensuring security compliance.
Winsage
May 23, 2026
Windows 11 has been experiencing interface issues, including a freezing taskbar, unresponsive File Explorer, and blank desktops, which Microsoft has categorized as 'general reliability' issues. To address these concerns, Microsoft is rolling out the May update for Windows 11, which began distribution last week. This update aims to enhance the reliability of components like explorer.exe, taskbar menus, and Task View interactions. Users may experience improvements in performance, particularly during sign-in processes and when managing items in File Explorer's Quick Access. The update is also being tested for the upcoming 26H1 version for Arm-based Snapdragon devices. Despite the positive changes, some users remain cautious about potential new glitches.
Winsage
April 1, 2026
Microsoft released an optional non-security update for Windows 11, identified as KB5079391, which caused significant installation issues for users, marked by error code 0x80073712. In response, Microsoft issued an emergency update, KB5086672, to address these problems for affected Windows 11 systems, including versions 25H2 and 24H2. This new update supersedes previous updates and includes protections and improvements from the March 2026 Windows security and non-security preview updates, along with an installation fix. The update also offers enhancements such as refresh rates exceeding 1000 Hz, improved auto-rotation and HDR reliability, and enhanced power efficiency for USB 4-connected monitors during sleep. Earlier in the year, the January security update, KB5074109, caused issues for gamers with Nvidia GPUs, leading to frame rate drops and system instability, with some users experiencing boot failures and errors like “UNMOUNTABLEBOOTVOLUME.” Additionally, users reported problems with shutting down or hibernating their PCs and disruptions in cloud-based applications like Outlook, OneDrive, and Dropbox.
Search