Secure Boot Archives

Winsage

March 2, 2026

Still on Windows 10? That’s a security risk now

Microsoft Windows 11 Pro is available for .97, reduced from its regular price of 9, until March 8 at 11:59 P.M. Pacific. Windows 11 Pro includes enhanced security features such as TPM 2.0 support, BitLocker device encryption, Smart App Control, and Windows Sandbox. It also offers productivity tools like Hyper-V, Azure AD support, Snap layouts, and AI-assisted Copilot integration. Minimum system requirements for the upgrade include a 1 GHz or faster 64-bit processor, 4GB RAM, 64GB storage, UEFI firmware with Secure Boot, TPM 2.0, and DirectX 12 compatible graphics.

Winsage

March 1, 2026

Windows 11 Pro Upgrade Now $12.97 in Rare Deal

A Windows 11 Pro license is available for .97, representing a 93% discount from the standard retail price of 9. This license activates on one machine and includes features such as BitLocker full-disk encryption, Windows Sandbox, Hyper-V virtualization, Remote Desktop host, Group Policy, and Domain join support. Windows 11 Pro also integrates Microsoft’s Copilot for AI-assisted tasks and offers workflow enhancements like Snap Layouts and multiple desktops. To qualify for Windows 11, a PC must have a compatible 64-bit CPU, TPM 2.0, Secure Boot, at least 4GB of RAM, and 64GB of storage. Users upgrading from Windows 11 Home typically retain their files and applications. Caution is advised regarding the purchase source to avoid gray-market or region-locked keys. Key differences between Windows 11 Pro and Home include enhanced security and management features, making Pro suitable for users handling sensitive data or requiring remote access.

Winsage

February 28, 2026

Microsoft confirms a wider roll out of Windows 11’s new colourful battery icons on the taskbar

Windows 11 users will see colorful battery icons on the taskbar as Microsoft rolls out updates, including the new Start menu, with the update KB5077241. The vibrant battery icons have been in development for nearly two years, with initial testing starting in late 2024. The rollout began last year but was limited to select PCs. An optional update in February 2026 will further expand the availability of these icons and the updated Start menu. The new battery icon replaces the plain white bar with a green icon when charging, featuring a charging bolt during the process. The icon changes color based on battery levels: it turns orange at 30% and red below 6%. Users can display the battery percentage on the taskbar by enabling it in Settings > System > Power & Battery. Recent improvements to the Windows taskbar include the return of drag-and-drop functionality, the ability to resize the taskbar, and potential options to reposition it. Microsoft is also updating Secure Boot certificates, set to expire in June 2026, and distributing new certificates issued in 2023 to more PCs. A tutorial is available for users to verify the application of these new Secure Boot certificates.

Winsage

February 23, 2026

Prepare your servers for Secure Boot certificate updates

Windows Server administrators should update Secure Boot certificates before the June 2026 expiration date. Microsoft has held Secure Boot Ask Microsoft Anything (AMA) sessions in December 2025 and February 2026, with recordings available for those who missed them. Upcoming AMAs are scheduled for March and April. Administrators are encouraged to follow Windows Events on the Microsoft Tech Community and bookmark the Windows Secure Boot certificate updates page for centralized guidance and resources.

Winsage

February 23, 2026

Don’t Buy a Refurbished or Used Windows 10 Computer

The author explored used and refurbished laptops for a testing lab, focusing on budget-friendly options, particularly those running Windows 10. Microsoft has ceased support for Windows 10, leaving users vulnerable to security risks compared to those using Windows 11. Many Windows 10 devices may not support an upgrade to Windows 11, making them less desirable despite their lower prices. Users are advised to consider the importance of security and check compatibility with Windows 11 before purchasing. Devices manufactured in the last five years are more likely to support the upgrade. Indicators that a computer may not support Windows 11 include being manufactured before 2019, having an older processor, running a version of Windows earlier than 10, or lacking support for Secure Boot, TPM, or UEFI. If a computer is kept offline, the operating system's importance is reduced, but this scenario is rare. The author recommends against purchasing Windows 10 devices, as refurbished Windows 11 models are only slightly more expensive and offer better security.

Winsage

February 19, 2026

Windows 10 ESU update KB5075912 bumps 22H2 to Build 19045.6937

Microsoft has announced an update, identified as KB5075912, regarding Secure Boot certificates to enhance device security for Windows users. Key points include the introduction of new certificates to prevent unauthorized software during startup, improved compatibility with various hardware configurations, and a commitment to provide regular updates to these certificates.

Winsage

February 17, 2026

Microsoft Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices

Microsoft's Patch Tuesday update, KB5077181, released on February 10, 2026, has caused significant boot failures for users of Windows 11 versions 24H2 (OS build 26200.7840) and 25H2 (OS build 26100.7840), resulting in endless restart loops. Users are reporting over 15 reboot cycles, preventing access to their desktops. Issues include System Event Notification Service (SENS) errors and DHCP problems affecting internet connectivity. Installation errors with codes 0x800f0983 and 0x800f0991 indicate potential hardware, driver, or servicing stack incompatibilities. The update was intended to address 58 vulnerabilities, including six zero-days, but the boot loop issue has overshadowed these enhancements. CVE IDs and their CVSS scores related to the vulnerabilities addressed include: - CVE-2026-21510: 7.5 - CVE-2026-21519: 7.8 - CVE-2026-21533: 8.8 - CVE-2026-20841: 7.1 As of February 15, 2026, there is no "known issues" entry in Microsoft's release notes despite user reports. Users can uninstall the update through the Control Panel if their systems are accessible, or use the Windows Recovery Environment to execute commands for uninstallation if their systems are unbootable.

Winsage

February 16, 2026

Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft's security update KB5077181, released on February 10, 2026, for Windows 11 versions 24H2 and 25H2, has caused critical boot failures, leading to infinite restart loops for users. The update addresses 58 vulnerabilities, including six zero-day exploits, and introduces new Secure Boot certificates. Users have reported errors such as “a specified procedure could not be found” and DHCP failures, with installation errors like 0x800f0983 and 0x800f0991 affecting specific hardware. To resolve issues, users are advised to uninstall the update and pause Windows Update. Accessing the Windows Recovery Environment may also be necessary for persistent boot loops. While some users experienced improvements, the overall instability highlights risks associated with updates. Microsoft has not acknowledged any known issues related to this update as of February 15.

Winsage

February 15, 2026

Microsoft Refreshes Secure Boot Certificates via Windows Update

Microsoft will begin rolling out new Secure Boot certificates through Windows Update starting in March 2026, coinciding with the expiration of original certificates from 2011, which will phase out in June 2026. The new certificates include Microsoft Corporation KEK 2K CA 2023, Microsoft UEFI CA 2023, Microsoft Option ROM UEFI CA 2023, and Windows UEFI CA 2023. Not all Windows users will receive the update simultaneously; eligibility will focus on high-confidence devices with strong update histories. Newer PCs sold from 2024 will already have the 2023 Secure Boot certificates, while some devices may require additional firmware updates from their OEMs. PCs that do not receive the new certificates will still boot but will operate with diminished security, increasing vulnerability to exploits and compatibility issues with anti-cheat software and future Windows versions. Users on unsupported Windows versions will not receive the new certificates, leading to heightened security risks after June 2026.

Winsage

February 14, 2026

Windows 98 On A 2020 ThinkPad P14s Gen 1 Laptop

The x86 architecture allows users to run operating systems from the 1990s on modern hardware. Yeo Kheng Meng successfully booted Windows 98 SE on a 2020 ThinkPad P12s Gen 1 alongside Windows 11 and Linux from a single NVMe drive. He previously ran MS-DOS 6.22 on a 2020 ThinkPad X13. The main challenges included UEFI complexities and the need for compatible hardware drivers. Both ThinkPad models support UEFI-CSM mode. To address the lack of xHCI support in Windows 98, Yeo used a USB 2.0 expansion card through a Thunderbolt dock. The installation involved disabling Secure Boot, enabling UEFI-CSM, activating Thunderbolt BIOS assist mode, and turning off Kernel DMA protection. Yeo used the CREGFIX DOS driver for stability and applied patches from Rudolph Loew to overcome Windows 98's RAM limitation of 512 MB. Users must rely on basic VESA support and the SoftGPU driver for graphics acceleration due to the absence of updated drivers from Intel and NVIDIA. Disk access is routed through the BIOS, leading to suboptimal performance. Yeo configured the BIOS to support the S3 power state to address ACPI support issues. UEFI-CSM is often overlooked in newer systems, complicating the installation of Windows 7 and contributing to divides in the x86 ecosystem.