boot loader

Winsage
March 7, 2026
Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011, embedded in the motherboard's firmware, to ensure a secure boot process. The first of these certificates will expire on June 24, 2026, which will affect the ability to receive future security updates for critical components of the Windows startup process. Microsoft is rolling out replacement certificates through Windows Update, marking a significant security maintenance effort. Secure Boot operates as a chain of trust with certificates stored in the motherboard's UEFI firmware, validating software before the operating system loads. The Platform Key (PK) is at the top of this chain, followed by the Key Exchange Key (KEK) and the Signature Database (DB). The replacement certificates introduced in 2023 restructure certificate management, separating responsibilities among different certificate authorities to enhance the trust model. Not all PCs are affected by the upcoming expiration; newer devices manufactured since 2024 already have the new certificates. Windows 10 users face challenges as support for this version ends in October 2025, and they will not receive the new certificates unless enrolled in Extended Security Updates. Home users should ensure their PCs are set to receive updates automatically, while enterprise environments require coordination for firmware updates before the Windows certificate update.
Winsage
January 14, 2026
On Tuesday, Microsoft released its first security update for 2026, addressing 114 vulnerabilities, including eight classified as Critical and 106 as Important. The vulnerabilities include 58 related to privilege escalation, 22 concerning information disclosure, 21 linked to remote code execution, and five categorized as spoofing flaws. A notable vulnerability, CVE-2026-20805, involves information disclosure within the Desktop Window Manager (DWM) and has a CVSS score of 5.5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement fixes by February 3, 2026. Additionally, Microsoft announced the expiration of three Windows Secure Boot certificates issued in 2011, effective June 2026, urging customers to transition to newer certificates to avoid disruptions. The update also removed vulnerable Agere Soft Modem drivers due to a local privilege escalation flaw (CVE-2023-31096) and addressed another critical privilege escalation flaw in Windows Virtualization-Based Security (CVE-2026-20876) with a CVSS score of 6.7. Other vendors, including Adobe, Amazon Web Services, and Cisco, have also released security patches for various vulnerabilities.
Winsage
August 22, 2024
Microsoft is addressing issues from a security patch for a two-year-old vulnerability (CVE-2022-2601) in the GRUB open-source boot loader, which has caused crashes on dual-boot systems running Windows and Linux. The patch was intended to fix a buffer overflow vulnerability that could allow unauthorized access during system startup. Despite Microsoft's advisory stating that the latest Windows builds are not affected when using GRUB2, users reported problems booting their Linux distributions after the update. Microsoft acknowledged the issue and is working with Linux partners to resolve it. Users have shared workarounds, including disabling Secure Boot and deleting the SBAT policy. Separately, the US Cybersecurity and Infrastructure Security Agency (CISA) added the ProxyLogon vulnerability (CVE-2021-31196) in Microsoft Exchange Server to its Known Exploited Vulnerabilities Catalog, highlighting ongoing exploitation despite a patch released in July 2021.
Winsage
August 21, 2024
A recent Microsoft security update has caused booting issues for users of dual-boot systems running both Windows and Linux. The update, intended to fix a vulnerability in GRUB, was mistakenly applied to dual-boot systems, resulting in an error message: "something has gone seriously wrong." Affected Linux distributions include Debian, Linux Mint, Puppy Linux, Ubuntu, and Zorin OS. Users have been advised to temporarily disable Secure Boot to delete the problematic SBAT included in the update released on August 13, 2024, and then re-enable Secure Boot to restore functionality.
Winsage
August 21, 2024
Microsoft's recent security update has disrupted dual-boot systems running Windows and Linux by causing booting issues due to a patch for a vulnerability in the GRUB boot loader. Users are experiencing error messages like “security policy violation” and “something has gone seriously wrong” across various Linux distributions, including Ubuntu, Debian, and Linux Mint. The update was meant to enhance Secure Boot security, but it has led to boot failures for many users. A temporary workaround for Ubuntu users involves disabling Secure Boot in BIOS and executing a command to remove Microsoft's SBAT policy. Despite Secure Boot being a key security feature for Windows, it has vulnerabilities that may compromise its effectiveness. The situation highlights the need for better communication from Microsoft regarding the impact of its updates.
Winsage
August 21, 2024
Recent Windows updates rolled out on August 13 have caused booting issues for users of various Linux distributions, particularly affecting Ubuntu 24.04 LTS and its derivatives. The updates introduced security measures that block outdated boot loaders, specifically through the Secure Boot Advanced Targeting (SBAT) feature. This feature aims to address memory limitations in BIOS and recognizes when Secure Boot is compromised, leading to the failure of Linux boot loaders shim and GRUB. Only boot loaders from trusted sources, mainly Microsoft, can operate under Secure Boot. While the update does not apply to systems that dual boot Windows and Linux, reports indicate that Linux boot sticks may still be affected. Existing Linux installations on hard drives or SSDs will continue to function normally with the latest updates. Affected distributors will need to update their installation media, which may take several days, or users can disable Secure Boot, keeping in mind the need to document the BitLocker recovery key to avoid issues with encrypted Windows installations.