Microsoft Provides a Secure Boot Certificate Update

Paul Thurrott
Apr 02, 2026
0

Back in February, Microsoft announced that it would roll out new Secure Boot certificates via Windows Update. Today, it provided a small update about how users will experience this change.

“Today, Microsoft announced that starting in April 2026, the Windows Security app will display additional information about the status of Secure Boot certificate updates on a [PC],” a Microsoft representative told us. “This can be found under Device security > Secure Boot [in the Windows Security app] to help users easily understand their device’s Secure Boot certificate update status.”

For those unfamiliar, the issue is that the Secure Boot functionality in Windows requires security certificates, and the original certificates date back to 2011 and need to be updated. If your PC is from 2024 or newer, it’s likely that you’re all set, and you won’t need to download a new security certificate. But if you have an older PC, it will almost certainly have to be updated. This will happen automatically via Windows Update. But if you’re not sure of the status of that certificate, you will be able to see that now in Windows Security as noted above.

As the company notes on Microsoft Support, the Windows Security tray icon and in-app Secure Boot interface will display a green check box, a yellow bang, or a red stop icon to indicate the certificate status. If it’s green, the certificate is up-to-date and you’re good. If it’s yellow, there’s a safety recommendation noting that you will need to manually update the certificate and may need to contact your PC maker. And if it’s red, there’s an issue that requires your immediate attention: The new certificate cannot be delivered to your PC because of a security vulnerability that impacts the boot process.

This change is rolling out starting today, but Microsoft will make additional improvements to the process starting in May that will include notifications and additional in-app guidance and controls.

If you’re an IT admin, you can learn more about this issue on Microsoft Support.

Tagged with

About author

Paul Thurrott

Paul Thurrott is an award-winning technology journalist and blogger with 30 years of industry experience and the author of 30 books. He is the owner of Thurrott.com and the host of three tech podcasts: Windows Weekly with Leo Laporte and Richard Campbell, Hands-On Windows, and First Ring Daily with Brad Sams. He was formerly the senior technology analyst at Windows IT Pro and the creator of the SuperSite for Windows from 1999 to 2014 and the Major Domo of Thurrott.com while at BWW Media Group from 2015 to 2023. You can reach Paul via email, Twitter or Mastodon.

View Articles

Currently on Forums
Visit the forums
- Microsoft surprises with its first server Linux distribution: Azure Linux 4.0
  Posted by shameer_mulji
  
  6
  comments
- Virtual Machines on Snaodrsgon
  Posted by lenh51
  
  5
  comments
- How do we report posts?
  Posted by train_wreck
  
  9
  comments
- Microsoft gaslights security researcher (again..)
  Posted by train_wreck
  
  0
  comment
Podcasts
Podcast Hub
- First Ring Daily 1965: Small Break
  
  Aired on May 14, 2026 by Brad Sams with 0 Comments
- First Ring Daily 1964: GoogleBook
  
  Aired on May 13, 2026 by Brad Sams with 0 Comments
- First Ring Daily 1963: Court Report
  
  Aired on May 12, 2026 by Brad Sams with 0 Comments
- First Ring Daily 1962: Set Your Phasers
  
  Aired on May 11, 2026 by Brad Sams with 0 Comments
Join the crowd where the love of tech is real - become a Thurrott Premium Member today!

Explore Premium Benefits

Tagged with

Share post