"Bootkit malware aims to infect your PC before Windows and your security software even load. To guard against these threats, Secure Boot is a security feature that relies on certificates to ensure that only trusted programs kick off during the boot process. Now, those certificates are soon to expire. And that's where the latest Windows update comes into play. Launched on Tuesday, KB5074109 for Windows 11 and KB5073724 for Windows 10 include a variety of fixes."
""Secure Boot certificates used by most Windows devices are set to expire starting in June 2026," Microsoft said in its support advisories. "This might affect the ability of certain personal and business devices to boot securely if not updated in time." On its page on Windows Secure Boot certificate expiration, Microsoft added that "without updates, the Secure Boot-enabled Windows devices risk not receiving security updates or trusting new boot loaders, which will compromise both serviceability and security.""
Secure Boot defends PCs from bootkit malware by ensuring only trusted programs run during the boot process. Secure Boot depends on certificates that are scheduled to begin expiring in June 2026. Microsoft released updates KB5074109 for Windows 11 and KB5073724 for Windows 10 to refresh those expiring certificates. The refreshed certificates replace the old ones and restore long-term trust for boot loaders. Without these updates, Secure Boot-enabled devices risk failing to boot securely, not receiving security updates, and not trusting new boot loaders. Install the updates via Settings > Windows Update to remain protected.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]