bootloaders Archives

Winsage

March 11, 2026

Microsoft releases Windows 10 KB5078885 extended security update

Microsoft has released the Windows 10 KB5078885 extended security update, which addresses vulnerabilities identified during the March 2026 Patch Tuesday. This update resolves two zero-day vulnerabilities and a critical issue preventing certain devices from shutting down properly. Users of Windows 10 Enterprise LTSC or those in the ESU program can install it via Settings under Windows Update. The update upgrades Windows 10 to build 19045.7058 and Windows 10 Enterprise LTSC 2021 to build 19044.7058. The update focuses on security enhancements and bug fixes, addressing a total of 79 vulnerabilities, including two actively exploited ones. Key fixes include: - A new warning dialog in Windows System Image Manager for confirming trusted catalog files. - Enhancements to File History for backing up files with specific Chinese and Private Use Area characters. - Stability improvements for specific GPU configurations. - Additional high-confidence device targeting data for Secure Boot certificates. - Adjustments to Chinese fonts for compliance with GB18030-2022A standards. - A fix for Secure Launch-capable PCs with Virtual Secure Mode unable to shut down or hibernate after a previous security update. - Resolution of an issue affecting folder renaming with desktop.ini files in File Explorer. The update also addresses a known issue preventing Windows 10 devices from shutting down or hibernating when System Guard Secure Launch is enabled. Microsoft is deploying new Secure Boot certificates to replace those expiring in June 2026, which are crucial for validating boot components and preventing security risks. There are currently no known issues associated with this update.

Winsage

March 7, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011, embedded in the motherboard's firmware, to ensure a secure boot process. The first of these certificates will expire on June 24, 2026, which will affect the ability to receive future security updates for critical components of the Windows startup process. Microsoft is rolling out replacement certificates through Windows Update, marking a significant security maintenance effort. Secure Boot operates as a chain of trust with certificates stored in the motherboard's UEFI firmware, validating software before the operating system loads. The Platform Key (PK) is at the top of this chain, followed by the Key Exchange Key (KEK) and the Signature Database (DB). The replacement certificates introduced in 2023 restructure certificate management, separating responsibilities among different certificate authorities to enhance the trust model. Not all PCs are affected by the upcoming expiration; newer devices manufactured since 2024 already have the new certificates. Windows 10 users face challenges as support for this version ends in October 2025, and they will not receive the new certificates unless enrolled in Extended Security Updates. Home users should ensure their PCs are set to receive updates automatically, while enterprise environments require coordination for firmware updates before the Windows certificate update.

Winsage

March 6, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011 for boot process integrity. The first of these certificates will expire on June 24, 2026, impacting the ability to receive future security updates. Microsoft is rolling out replacement certificates through Windows Update, requiring collaboration between Microsoft, PC manufacturers, and users. Three critical certificates will expire: the Microsoft Corporation KEK CA 2011 and Microsoft UEFI CA 2011 in June 2026, and the Microsoft Windows Production PCA 2011 in October 2026. The new certificates introduced in 2023 have a restructured functionality to enhance security. Not all PCs are affected; newer devices manufactured since 2024 come with the new certificates. Windows 10 users face challenges as support ends in October 2025, and unsupported devices will not receive updates. Home users should ensure automatic Windows updates and check for firmware updates, while enterprise environments must verify firmware updates before applying certificate updates. The first certificate expiration is on June 27, 2026.

AppWizard

March 3, 2026

With developer verification, Google’s Apple envy threatens to dismantle Android’s open legacy

The F-Droid team published an open letter to Google, supported by 35 organizations, expressing concerns about Google's changes to the Android ecosystem. Many Android users rely on Google for app installations, facing challenges when trying to use alternative app stores or open-source apps without verification. Some developers are shifting to progressive web apps instead of Android. Alternatives to Google's verification system include non-certified Android devices and privacy-focused ROMs like LineageOS or GrapheneOS, but these options come with security vulnerabilities and installation difficulties for most users. Telecom companies impose restrictions on devices to ensure they work on their networks, leading to a reliance on stock software and security updates from Google and manufacturers.

Winsage

February 15, 2026

Microsoft Refreshes Secure Boot Certificates via Windows Update

Microsoft will begin rolling out new Secure Boot certificates through Windows Update starting in March 2026, coinciding with the expiration of original certificates from 2011, which will phase out in June 2026. The new certificates include Microsoft Corporation KEK 2K CA 2023, Microsoft UEFI CA 2023, Microsoft Option ROM UEFI CA 2023, and Windows UEFI CA 2023. Not all Windows users will receive the update simultaneously; eligibility will focus on high-confidence devices with strong update histories. Newer PCs sold from 2024 will already have the 2023 Secure Boot certificates, while some devices may require additional firmware updates from their OEMs. PCs that do not receive the new certificates will still boot but will operate with diminished security, increasing vulnerability to exploits and compatibility issues with anti-cheat software and future Windows versions. Users on unsupported Windows versions will not receive the new certificates, leading to heightened security risks after June 2026.

Winsage

February 13, 2026

Microsoft Introduces New Secure Boot Certificates Before June Deadline

The foundational security certificates supporting Windows Secure Boot, introduced in 2011, will expire in mid-2026, specifically in June and October. Microsoft and PC manufacturers are updating the Windows ecosystem to address this. Devices that do not receive updated certificates may face security limitations and compatibility issues with newer operating systems and hardware. The transition is described as a "generational refresh" of the trust infrastructure for Windows. Systems failing to update will still function but may enter a "degraded security state," unable to install new security mitigations or newer operating systems. Most users will receive updates automatically through Windows Update, while older systems may require manual intervention. Systems at risk include those running unsupported Windows versions, with Secure Boot disabled, or not enrolled in Extended Security Updates. Users should check their Secure Boot status using PowerShell commands to ensure they are using the new certificates. The update affects not only Windows PCs but also other devices utilizing UEFI Secure Boot.

Winsage

January 13, 2026

New Windows updates replace expiring Secure Boot certificates

Microsoft is enhancing security for Windows 11 24H2 and 25H2 users by automatically replacing expiring Secure Boot certificates on eligible devices. Secure Boot protects against malicious software by ensuring only trusted bootloaders are executed during startup. Many Secure Boot certificates are set to expire starting in June 2026, which could jeopardize secure booting capabilities if not updated. The update includes a mechanism to identify devices eligible for automatic receipt of new Secure Boot certificates. IT administrators are advised to install the new certificates to maintain Secure Boot functionality and prevent loss of security updates. Organizations can also deploy Secure Boot certificates through various methods. IT administrators should inventory their devices, verify Secure Boot status, and apply necessary firmware updates before installing Microsoft's certificate updates.

BetaBeacon

December 8, 2025

Running Blockchain Games: Android Requirements & Compatibility

Blockchain games use distributed ledgers to store assets and data, including progress tracking and digital economies. Blockchain technology and cryptocurrency integration have transformed digital entertainment, leading to the development of popular Web3 RPG titles like Axie Infinity. Games built on blockchain networks require devices with minimum requirements for Android version compatibility, CPU and GPU performance, RAM, storage, wallet integration, network connectivity, security, and battery life.

Winsage

October 6, 2025

Windows 11 25H2 Installs Can Be A Breeze With This Rufus Tool Tip

Rufus continues to function effectively for Windows 11 installations despite concerns regarding the latest 25H2 update. A bug caused an "Assertion failed!" error when creating installation media, but a recent patch has resolved this issue. Users can bypass Windows 11's minimum requirements by selecting the "first bypass on the WUE dialog." The latest Rufus version 4.11 introduces a new option to use "Windows CA 2023" signed bootloaders, addressing the revocation of older Secure Boot certificates. However, users need a "compatible target PC" to avoid security violations, which can prevent installation if firmware updates are not applied. For a fresh installation, users should obtain the latest Windows 11 image directly from Microsoft.

Winsage

July 3, 2025

Windows Update: Unwanted side effects occurred

Microsoft has acknowledged issues with the latest Windows 11 updates, particularly affecting the update preview released last Friday. Users have reported firewall error messages and some computers failing to boot after applying the updates. The Windows Release Health Notes indicate that these firewall errors, specifically event number 2042 related to Windows Defender Firewall, can be ignored as they do not indicate a malfunction. The issue is linked to a function under development and primarily impacts Windows 11 24H2, with a resolution planned for a future update. Additionally, users of older Fujitsu Esprimo PCs have reported startup problems after installing the June security updates, with affected devices displaying a black screen. Investigations suggest these issues may be related to a DBX update affecting bootloaders when Smart Boot is enabled. Users have speculated that outdated BIOS may be a factor, and instructions for updating firmware have been shared, although they are not user-friendly. Microsoft has not confirmed the startup issues with Fujitsu PCs and is not currently working on a specific solution.