firmware updates Archives

Winsage

April 15, 2026

Mega Upgrade for Windows 11! Storage Suddenly Much Larger

Microsoft has lifted the FAT32 file system's volume limit in a recent preview version of Windows 11, allowing users to format storage devices with capacities of up to 2 terabytes, an increase from the previous maximum of 32 gigabytes. This change addresses a long-standing limitation that has existed since 1996. Additionally, Microsoft is enhancing the partition tool in Windows 11, improving its speed and responsiveness for managing multiple partitions. These updates are currently being tested in the Windows Insider Program, with no confirmed timeline for broader availability.

Winsage

March 7, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011, embedded in the motherboard's firmware, to ensure a secure boot process. The first of these certificates will expire on June 24, 2026, which will affect the ability to receive future security updates for critical components of the Windows startup process. Microsoft is rolling out replacement certificates through Windows Update, marking a significant security maintenance effort. Secure Boot operates as a chain of trust with certificates stored in the motherboard's UEFI firmware, validating software before the operating system loads. The Platform Key (PK) is at the top of this chain, followed by the Key Exchange Key (KEK) and the Signature Database (DB). The replacement certificates introduced in 2023 restructure certificate management, separating responsibilities among different certificate authorities to enhance the trust model. Not all PCs are affected by the upcoming expiration; newer devices manufactured since 2024 already have the new certificates. Windows 10 users face challenges as support for this version ends in October 2025, and they will not receive the new certificates unless enrolled in Extended Security Updates. Home users should ensure their PCs are set to receive updates automatically, while enterprise environments require coordination for firmware updates before the Windows certificate update.

Winsage

March 6, 2026

Microsoft’s Secure Boot certificates expire in June 2026, but older PCs may never get the fix

Every Secure Boot-enabled Windows PC relies on cryptographic certificates issued by Microsoft in 2011 for boot process integrity. The first of these certificates will expire on June 24, 2026, impacting the ability to receive future security updates. Microsoft is rolling out replacement certificates through Windows Update, requiring collaboration between Microsoft, PC manufacturers, and users. Three critical certificates will expire: the Microsoft Corporation KEK CA 2011 and Microsoft UEFI CA 2011 in June 2026, and the Microsoft Windows Production PCA 2011 in October 2026. The new certificates introduced in 2023 have a restructured functionality to enhance security. Not all PCs are affected; newer devices manufactured since 2024 come with the new certificates. Windows 10 users face challenges as support ends in October 2025, and unsupported devices will not receive updates. Home users should ensure automatic Windows updates and check for firmware updates, while enterprise environments must verify firmware updates before applying certificate updates. The first certificate expiration is on June 27, 2026.

Winsage

February 24, 2026

Surface Pro update fixes key cellular bugs — just as Microsoft leans into 5G

Microsoft has released a firmware update for the Surface Pro (11th Gen) in February, focusing on enhancing connectivity and device reliability. Key improvements include enhanced security to address vulnerabilities, uninterrupted VPN usage by fixing cellular connectivity issues, consistent cellular settings, improved video conferencing during Microsoft Teams calls, resolved compatibility issues with Surface Dock 2, and a fix for Dolby Vision video playback errors. Additionally, Microsoft is collaborating with Ericsson to enhance 5G connectivity for Surface Pro users, which will include features like automatic eSIM switching and remote policy management. Future 5G bundles will include Microsoft 365, Intune, and Ericsson Enterprise 5G Connect, available with Surface Copilot+ PCs.

AppWizard

February 21, 2026

GoPro Hero 4 Session: Android App Guide

To connect a GoPro Hero 4 Session to an Android device, first install the GoPro app from the Google Play Store. Ensure the camera is powered on and in pairing mode by pressing the button until the Wi-Fi icon appears. Open the GoPro app, add the camera, select "GoPro Hero 4 Session," and follow the on-screen instructions to connect to the camera's Wi-Fi network using the default password "goprohero." Once connected, the app provides features such as remote control, live preview, settings adjustment, media management, highlight tagging, and firmware updates. Common troubleshooting steps include ensuring Wi-Fi is enabled, forgetting the network, restarting devices, checking for interference, and updating the app and firmware. Tips for enhancing the GoPro experience include using the app for time-lapse photography, exploring Protune settings, creating short video clips, and regularly backing up footage.

AppWizard

February 19, 2026

New backdoor found in Android tablets targeting users in Russia, Germany and Japan

Researchers from Kaspersky have discovered an Android backdoor named Keenadu, embedded in the firmware of devices, allowing it to infect tablets before they reach consumers. This malware, affecting over 13,700 users globally, primarily targets advertising fraud by hijacking browser search engines, monitoring app installations, and generating fraudulent revenue. Tablets from various manufacturers, including Alldocube, have been found compromised, with the malware likely inserted during the firmware build stage through a compromised supply chain. Keenadu has multiple variants, some hidden in applications, and employs evasion tactics based on device language settings and time zones. It cannot be removed using standard Android security tools, and users are advised to install clean firmware or replace their devices entirely.

Winsage

February 15, 2026

Microsoft Refreshes Secure Boot Certificates via Windows Update

Microsoft will begin rolling out new Secure Boot certificates through Windows Update starting in March 2026, coinciding with the expiration of original certificates from 2011, which will phase out in June 2026. The new certificates include Microsoft Corporation KEK 2K CA 2023, Microsoft UEFI CA 2023, Microsoft Option ROM UEFI CA 2023, and Windows UEFI CA 2023. Not all Windows users will receive the update simultaneously; eligibility will focus on high-confidence devices with strong update histories. Newer PCs sold from 2024 will already have the 2023 Secure Boot certificates, while some devices may require additional firmware updates from their OEMs. PCs that do not receive the new certificates will still boot but will operate with diminished security, increasing vulnerability to exploits and compatibility issues with anti-cheat software and future Windows versions. Users on unsupported Windows versions will not receive the new certificates, leading to heightened security risks after June 2026.

Winsage

February 13, 2026

Microsoft Refreshes Secure Boot Root of Trust Certificates

Microsoft is refreshing Secure Boot certificates across its Windows ecosystem ahead of their expiration in June 2026 to enhance firmware-level security. Most systems will automatically receive the new certificates via Windows Update, while older or specialized devices may require firmware updates from the original equipment manufacturer (OEM). Devices that do not receive the update will still boot but will gradually lose access to critical boot-level mitigations and future compatibility improvements. The deployment of the new certificates has started with regular monthly Windows updates and applies to home users, businesses, and educational institutions. Organizations can manage updates independently using tools like Group Policy. Many devices produced since 2024 and nearly all systems shipped in 2025 already have the updated certificates. If systems are not updated, they will continue to function but will enter a degraded security state, unable to adopt new Secure Boot mitigations. This could increase exposure to threats and lead to compatibility issues with newer operating systems and software. IT administrators should ensure that Windows Update is deploying the latest updates and that device firmware is current, especially for older hardware or specialized systems.

Winsage

February 13, 2026

Microsoft Introduces New Secure Boot Certificates Before June Deadline

The foundational security certificates supporting Windows Secure Boot, introduced in 2011, will expire in mid-2026, specifically in June and October. Microsoft and PC manufacturers are updating the Windows ecosystem to address this. Devices that do not receive updated certificates may face security limitations and compatibility issues with newer operating systems and hardware. The transition is described as a "generational refresh" of the trust infrastructure for Windows. Systems failing to update will still function but may enter a "degraded security state," unable to install new security mitigations or newer operating systems. Most users will receive updates automatically through Windows Update, while older systems may require manual intervention. Systems at risk include those running unsupported Windows versions, with Secure Boot disabled, or not enrolled in Extended Security Updates. Users should check their Secure Boot status using PowerShell commands to ensure they are using the new certificates. The update affects not only Windows PCs but also other devices utilizing UEFI Secure Boot.

Winsage

February 11, 2026

Refreshing the root of trust: industry collaboration on Secure Boot certificate updates

Secure Boot is a security feature in Windows and Windows Server that protects devices from untrusted software at startup. It has been in operation since 2011 and relies on certificates embedded in a PC’s firmware. The original Secure Boot certificates will begin to expire in late June 2026. New certificates are being rolled out through regular Windows updates for supported devices, with OEMs preparing new devices with updated certificates since 2024. If devices do not receive the new certificates before the expiration of the old ones, they will continue to function but will enter a degraded security state, limiting future protections. Users generally do not need to take action, as updates will be installed automatically, but some specialized systems may require separate firmware updates. Organizations can monitor the update status through the Windows Security App and should ensure devices are running the latest updates and firmware. Support is available for individuals and organizations facing issues during the update process.