Windows Security app Archives

Winsage

June 10, 2026

Microsoft releases Windows 10 KB5094127 extended security update

Microsoft has released the Windows 10 KB5094127 extended security update, which addresses vulnerabilities identified during the June 2026 Patch Tuesday and enhances monitoring of updated Secure Boot certificates. Users on Windows 10 Enterprise LTSC or enrolled in the ESU program can install it via the Windows Update settings. The update upgrades Windows 10 to build 19045.7417 and Windows 10 Enterprise LTSC 2021 to build 19044.7417. It focuses on security enhancements and bug fixes, resolving a total of 200 vulnerabilities, including three zero-day flaws. Key features include improved File Explorer search functionality for Chinese text and UTF-8 encoded files, dynamic status reporting for Secure Boot states, a new policy setting to limit Secure Boot service data sent to Microsoft, and enhanced targeting data for automatic receipt of new Secure Boot certificates. A known issue may cause BitLocker recovery notifications on certain systems, particularly those with specific BitLocker Group Policy settings. Microsoft recommends removing the Group Policy setting and suspending/resuming BitLocker as a temporary fix.

Winsage

May 28, 2026

Your Windows PC has a security deadline in June 2026

A Secure Boot certificate refresh is being deployed across supported Windows devices via Windows Update. The Secure Boot certificates from 2011 will begin to expire in June 2026, prompting Microsoft to introduce new 2023-dated certificates to maintain security. Most users will require minimal action if their PCs are updated, but older devices may face challenges. The current certificates include: - Microsoft Corporation KEK CA 2011: expires June 24, 2026 - Microsoft UEFI CA 2011: expires June 27, 2026 - Microsoft Windows Production PCA 2011: expires October 19, 2026 The new certificates will remain valid until 2038, with plans for post-quantum cryptography around 2030. While PCs using the 2011 certificates will continue to function, they will lose access to new security protections, making them vulnerable to emerging threats. A notable example of such a threat is the BlackLotus bootkit, which exploited vulnerabilities to bypass Secure Boot. Microsoft's rollout strategy involves a staged update process that typically takes around 48 hours and may require restarts. Users are advised to keep Windows updated and check their Secure Boot status. Known issues may arise for older PCs, systems that bypassed Windows 11 requirements, Legacy BIOS systems, and custom firmware configurations. IT teams managing devices should inventory their systems, monitor specific event IDs, test updates, and document devices that cannot be updated.

Winsage

May 27, 2026

Your PC’s trust in Windows has an expiration date

Microsoft will change Secure Boot certificates in June 2026, impacting Windows 11 PCs. If users do not update the certificates, their PCs may still function but will lack critical boot updates and malware blacklists, potentially compromising security. Without the new certificates, systems cannot run the latest Windows Boot Manager, making them vulnerable to bootkit malware and hindering future Windows feature updates. Older computers using BIOS are exempt from this issue. The new Secure Boot certificates are valid until 2038. Users can check their Secure Boot status in the Windows Security app; a green circle indicates readiness for the deadline.

Winsage

May 26, 2026

‘Restart Multiple Times’—Microsoft Changes Windows Next Week

Microsoft will begin the expiration of Secure Boot certificates on most PCs in June, marking the end of a 15-year period of stability. This affects all PCs manufactured before 2023. Users will likely need to perform multiple restarts during the update process, which includes pushing data into firmware and loading a new bootloader. Ignoring the Secure Boot deadline in June 2026 may lead to significant security risks, as Microsoft will stop providing essential boot updates and malware blacklists. The Windows Security App has been updated to help users monitor these changes, and users should check for warnings indicating the status of Secure Boot. It is important for Windows 10 users to ensure they are enrolled in the Extended Security Updates (ESU) program to avoid vulnerabilities.

Winsage

May 18, 2026

Microsoft Changes ‘Most Windows Devices’ In June—Update Yours Now

Microsoft has alerted users that Secure Boot certificates will begin to expire in June, affecting most Windows devices. Users must update these certificates to avoid disruptions, as failing to install the latest Windows update could prevent devices from booting securely. A "one-time restart" will be required after the update to load new certificates. If the update is not installed by June 1, users may see a red stop icon in the Windows Security app. The update issued on May 12 was modified on May 15 to warn that it might fail to install. Microsoft indicates that most users will need to restart their PCs, although this may revert the update. The latest updates will expand the number of devices eligible for new Secure Boot certificates, but users are uncertain about how many PCs will be affected due to a phased rollout approach.

Winsage

May 14, 2026

‘Avoid Disruption’—Microsoft Updates Windows Before June Deadline

Microsoft has released a security update for Windows 10 users, identified as KB5087544, which includes dynamic status reporting for Secure Boot states. Secure Boot certificates, in place for 15 years, are set to expire next month, and Microsoft advises users to update their certificates to avoid security risks. All Windows 10 PCs will require new certificates, but only those in the Extended Security Updates (ESU) program will be eligible for the update. Most Windows 11 devices will also need new certificates, except those purchased in the last two years. Failure to install the new certificates may affect device boot security. The update also addresses a security warning related to Remote Desktop Connection and may prompt some users to enter a BitLocker recovery key after restarting. New certificates will only be issued to devices that show successful update signals, and users should upgrade their Windows Security App to address potential issues. Notifications will be sent once new Secure Boot certificates are installed.

Winsage

May 13, 2026

Microsoft releases Windows 10 KB5087544 extended security update

Microsoft has released the Windows 10 KB5087544 extended security update, which addresses vulnerabilities identified during the May 2026 Patch Tuesday and resolves issues related to Remote Desktop warnings. Users on Windows 10 Enterprise LTSC or enrolled in the ESU program can install it via Settings under Windows Update. The update upgrades Windows 10 to build 19045.7291 and Windows 10 Enterprise LTSC 2021 to build 19044.7291. The update focuses on security enhancements and bug fixes, addressing 120 vulnerabilities. Key fixes include resolving incorrect Remote Desktop security warning dialogs in multi-monitor setups, introducing dynamic status reporting for Secure Boot, and adjusting Daylight Savings Time for Egypt. A known issue may require users to input their BitLocker recovery key after installation, affecting systems with specific BitLocker Group Policy configurations. Microsoft suggests removing the affected Group Policy setting and suspending and resuming BitLocker as a temporary solution.

Winsage

May 10, 2026

‘One Time Restart’—Microsoft Changes Windows After 15 Years

Microsoft is implementing changes to Secure Boot certificates for Windows PCs, marking the first expiration since 2011. New certificates must be installed on all devices before a deadline in June. Users can check their status via the Windows Security App. The new certificates will be distributed through regular monthly security updates, with some users already receiving them in April and others expected to see changes in May. Following these updates, users may experience additional restarts on their PCs. The update applies only to PCs eligible for security updates, meaning many Windows 10 PCs will not receive the new certificates, potentially exposing them to risks. Affected users are advised to enroll in Microsoft’s Extended Security Update (ESU) program.

Winsage

May 5, 2026

Microsoft confirms Windows 11 may restart multiple times after updates and your PC isn’t broken, as it’s due to Secure Boot 2023

Upon installing the April 2026 Patch Tuesday update, some users experienced two or three reboots, which Microsoft confirmed is intentional due to the installation of Secure Boot 2023 certificates. This behavior is expected for a limited number of devices and is part of the Secure Boot update process. The Secure Boot certificates are replacing older ones issued in 2011, set to expire in June 2026. Users can check their Secure Boot status in the Windows Security app, which indicates the status with green, yellow, or red badges. A green badge means the system is up to date, while yellow and red badges indicate issues with certificate updates. Microsoft is managing Secure Boot certificates on modern PCs, but older machines without OEM support may struggle to receive updates due to firmware limitations.

Winsage

May 3, 2026

Microsoft Defender Adds Dashboard for 2011 Secure Boot Certificates

Microsoft has introduced a feature in the Microsoft Defender dashboard to help IT managers identify devices using 2011 Secure Boot certificates, which expire in June of this year. The recommendation view categorizes devices into three groups: Exposed Devices (trust outdated certificates), Compliant Devices (use new 2023 certificates), and Not Applicable Devices (Secure Boot disabled or unsupported). The dashboard provides a centralized overview of device security status and the distribution of 2023 certificates, allowing filtering by operating system and device context. Devices without the new certificates will still boot but may lack the latest protection during the early boot phase, exposing them to threats. Microsoft does not automatically distribute new certificates via Windows updates on servers, requiring manual action from administrators. The dashboard aids IT teams in prioritizing action on Exposed Devices and exporting data for collaboration.