expiration

Winsage
June 29, 2026
Major PC manufacturers, including HP, Dell, ASUS, Lenovo, MSI, Acer, Samsung, LG, and Microsoft’s Surface division, have provided guidance on transitioning to new Secure Boot certificates as the expiration of Microsoft’s 2011 certificates approaches. The expiration will occur in three phases: Microsoft Corporation KEK CA 2011 expired on June 24, 2026; Microsoft UEFI CA 2011 expired on June 27, 2026; and Microsoft Windows Production PCA 2011 is set to expire on October 19, 2026. Microsoft has begun rolling out replacement certificates through Windows Update, contingent on OEMs providing compatible BIOS updates. ASUS offers detailed documentation for both consumer and commercial devices, confirming that most users will receive updates automatically. Lenovo provides direct download links for BIOS updates organized by product family and specifies which products will not receive updates. Dell's support article covers its entire product lineup, noting that devices with an End of Service Life before January 1, 2026, will not receive updates. HP outlines a dual-track approach for updates, with specific timelines for commercial PCs. Microsoft's Surface devices receive updates directly from Microsoft, while MSI categorizes guidance based on processor generation for its laptops. Acer emphasizes backing up the BitLocker recovery key and provides a model table for confirmed BIOS release dates. Samsung confirms that all PCs running Windows 10 or 11 will function normally post-expiration, but security updates will cease. LG has released a guide for checking BIOS updates for its PCs. To verify if a PC has the 2023 certificates, users can check the Secure Boot section in Windows Security. A green checkmark indicates successful application, while yellow or red icons indicate pending updates or incompatibility. Microsoft has pushed the certificates to all eligible devices as of June 2026.
Winsage
June 27, 2026
The Windows team at Microsoft has introduced a calendar-based option for pausing updates, allowing users to select a specific end date for their pause, extending up to 35 days. Users can set this by navigating to Settings > Windows Update and choosing their end date from a calendar. The calendar pause is not permanent; once the pause period ends, Windows will automatically check for and install updates. Users can manually reset the pause to extend it further by another 35 days. Additionally, Microsoft is consolidating driver, .NET, and firmware updates into a single monthly restart to enhance user experience. The "Update and shut down" feature has been improved, allowing users to shut down their PCs without installing pending updates. The calendar pause feature is available in the June optional update KB5095093, while the other changes are accessible to Windows Insiders in the Experimental and Beta channels.
Winsage
June 21, 2026
The expiration of Microsoft's Secure Boot 2011 certificates on June 24 will not prevent older Windows PCs from booting, as confirmed by Microsoft. Devices will continue to operate normally, but they will miss future boot-level security updates, including updates to the Windows Boot Manager and mitigations for newly identified vulnerabilities. The ability to receive the Secure Boot 2023 update depends on the device firmware's compatibility, with many manufacturers, including Dell, HP, Lenovo, and ASUS, having cutoffs for BIOS updates based on the device's End of Service Life. Older PCs using Legacy BIOS or Compatibility Support Module (CSM) mode do not utilize UEFI Secure Boot, making the update irrelevant. Users running Windows 11 on unsupported hardware may have Secure Boot disabled or improperly configured. Without the 2023 certificates, devices cannot receive future revocation updates to the Secure Boot DBX, which lists compromised bootloaders. Users on Windows 10 with supported OEMs may receive the update if a compatible BIOS is available, while those on older PCs without updates can continue using their devices but will lack future security updates. The Secure Boot status can be checked through the Windows Security app, with color-coded badges indicating the status of the certificates.
Tech Optimizer
June 20, 2026
pgEdge ColdFront is a data tiering solution for PostgreSQL that allows seamless access to hot and cold storage without changing application code, reducing storage costs by up to 90%. The cold tier is writable, enabling operations like UPDATE and DELETE on archived rows using standard SQL commands. ColdFront automatically migrates older data to Apache Iceberg in Parquet format, compatible with S3-compatible object stores, while maintaining full accessibility through a single Postgres table name. It enhances performance with the DuckDB vectorized columnar engine, achieving 10-100x faster analytical performance on cold data. ColdFront simplifies data management by automating the movement of cold data to cost-effective storage, addressing challenges like increased storage costs and operational complexities. It allows for compliance tasks, such as GDPR deletion requests, to be executed with a single SQL statement. Key features include a directly writable cold tier, no application changes required, open-source operation, automated partition lifecycle management, cost-effective operations, and distributed access in multi-master clusters. ColdFront is beneficial for sectors like SaaS, IoT, and regulated industries, and is currently available as a production-grade beta, set to be integrated into pgEdge Cloud in the second half of 2026.
AppWizard
June 18, 2026
Google's sideloading process allows users to access applications beyond the Play Store, including open-source and free apps. Five notable apps highlighted are: - WriteOn: A minimalist note-taking app that supports checklists, numbered lists, images, an in-app calendar, and a calculator. It features a Scratchpad for temporary notes and allows exporting notes as TXT files. It also includes a Flashcards feature for studying. - Fridgey: An open-source app for managing fridge and pantry inventory, allowing users to catalog food items by freshness and expiration. Users can input item details and adjust quantities as items are consumed. - PrivacyFlip: An app that enhances privacy control for Android users, enabling toggling of Wi-Fi, Bluetooth, and other features even when the device is locked. It includes a battery-saving feature and requires a straightforward setup process. - Timety: A productivity app that combines a to-do list, habit tracker, and focus timer. Users can categorize tasks, set priorities, and create subtasks. It features customizable habit tracking and a Pomodoro timer for maintaining focus. - Lune: An offline music player that supports Hi-Fi audio, allowing users to organize songs by various criteria and create customizable playlists. It includes equalizer adjustments and playback controls from notifications. These apps were selected for their open-source nature and utility in productivity and entertainment, with a focus on those that have received updates in the past year.
Winsage
June 15, 2026
Microsoft has expanded the rollout of the Secure Boot 2023 certificate update to more Windows 11 and Windows 10 devices with the June 2026 Patch Tuesday update (KB5094126). This update aims to ensure that most supported consumer PCs are classified as high confidence, meaning necessary certificates are either installed or will be applied automatically. Secure Boot is a firmware security feature that verifies the software attempting to load during the startup process, blocking unauthorized software. The certificates supporting Secure Boot, issued in 2011, are expiring in stages starting June 24, 2026, prompting Microsoft to deploy replacement certificates. Most home users do not need to take manual action as the updates will occur automatically via Windows Update. Users can check their Secure Boot certificate status in the Windows Security app. A yellow warning indicates pending compatibility data, while a red alert suggests a firmware incompatibility requiring a BIOS update. Multiple reboots during the update process are normal, and a new SecureBoot folder in Windows is for staging cryptographic files. Older PCs may experience longer update times, and some may not receive updates due to firmware issues. HP users should check for BIOS updates if encountering BitLocker recovery loops. IT administrators should monitor device classifications and manually initiate updates for devices not in the high confidence category. Devices with Secure Boot disabled cannot receive updates, leaving them vulnerable. The expiration of the Microsoft Corporation KEK CA 2011 certificate on June 24 does not immediately affect device functionality, but it limits Microsoft's ability to sign new bootkit blacklist updates.
Search