Microsoft is warning that the June expiration of software certificates will put those still using Windows 10 in an even more vulnerable state. The software certificates deal with a feature called Secure Boot, which can prevent a PC from loading malicious code as the machine starts up. Microsoft initially introduced the feature in 2011 with Windows 8 to ensure only trusted software runs during the boot process, warding off potential "pre-boot malware" threats.[1]
The problem is that “all Windows-based devices have carried the same set of Microsoft certificates,” which are slated to expire in late June. The company has been warning businesses about the issue, but last Tuesday, Microsoft published a new blog post that talks about what consumers can expect.
To keep Secure Boot up and running, the software giant has started to roll out fresh certificates through monthly Windows updates for consumers and enterprise users. So, if you’re on Windows 11, you should receive the update “with no additional action required,” the blog post notes. In addition, PC manufacturers “have been provisioning updated certificates on new devices and many newer PCs built since 2024, and almost all the devices shipped in 2025, already include the certificates and require no action from customers,” Microsoft says.
But it’s no secret that millions of consumers continue to use Windows 10, which officially lost support last year. This means Microsoft is no longer distributing new updates or security patches for the OS, leaving it more vulnerable to malware and other hacking threats.
The good news is that Microsoft offers a free way for Windows 10 users to receive security patches through 13 October 2026 via its “Extended Security Updates” program. If your Windows 10 machine is in the ESU program, then you can expect to receive new software certificates for Secure Boot. Otherwise, your computer will miss out. Specifically, the company warns: “If a device does not receive the new Secure Boot certificates before the 2011 certificates expire, the PC will continue to function normally, and existing software will keep running. However, the device will enter a degraded security state that limits its ability to receive future boot-level protections.”
The danger is that an unsupported Windows PC could become vulnerable to malware capable of infecting components at the firmware level, malware that could therefore survive even OS reinstalls. “As new boot‑level vulnerabilities are discovered, affected systems become increasingly exposed because they can no longer install new mitigations,” Microsoft added. “Over time, this may also lead to compatibility issues, as newer operating systems, firmware, hardware, or Secure Boot–dependent software may fail to load.”
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.pcmag.com/news/upgrade-now-microsoft-issues-security-warning-to-those-still-on-windows/