Microsoft Begins the First-Ever Secure Boot Certificate Swap Across Windows Ecosystem - Slashdot

Microsoft Begins the First-Ever Secure Boot Certificate Swap Across Windows Ecosystem - Slashdot
Close
binspam
dupe
notthebest
offtopic
slownewsday
stale
stupid
fresh
funny
insightful
interesting
maybe
offtopic
flamebait
troll
redundant
overrated
insightful
interesting
informative
funny
underrated
descriptive
typo
dupe
error
180766606
story
Microsoft has begun
automatically replacing
the original Secure Boot security certificates on Windows devices through regular monthly updates, a necessary move given that the 15-year-old certificates first issued in 2011 are set to expire between late June and October 2026.
Secure Boot, which verifies that only trusted and digitally signed software runs before Windows loads, became a hardware requirement for Windows 11. A new batch of certificates was issued in 2023 and already ships on most PCs built since 2024; nearly all devices shipped in 2025 include them by default. Older hardware is now receiving the updated certificates through Windows Update, starting last month's KB5074109 release for Windows 11. Devices that don't receive the new certificates before expiration will still function but enter what Microsoft calls a "degraded security state," unable to receive future boot-level protections and potentially facing compatibility issues down the line.
Windows 10 users must enroll in Microsoft's paid Extended Security Updates program to get the new certificates. A small number of devices may also need a separate firmware update from their manufacturer before the Windows-delivered certificates can be applied.
You may like to read:
A Bitcoin Blunder for the Ages: $40 Billion Accidentally Given Away
Does a Gas-Guzzler Revival Risk Dead-End Futures for US Automakers?
Americans' Junk-Filled Garages Are Hurting EV Adoption, Study Says
Americans are Buying Twice as Many Hybrids as Fully Electric Vehicles. Is The Next Step Synthetic Fuels?
EV Sales Keep Growing In the US, Represent 20% of Global Car Sales and Half in China
China Is Mass-Producing Hypersonic Missiles For $99,000
The US Is Flirting With Its First-Ever Population Decline
This discussion has been archived.

No new comments can be posted.
Microsoft Begins the First-Ever Secure Boot Certificate Swap Across Windows Ecosystem
More
Microsoft Begins the First-Ever Secure Boot Certificate Swap Across Windows Ecosystem
Comments Filter:
All
Insightful
Informative
Interesting
Funny
The Fine Print:
The following comments are owned by whoever posted them. We are not responsible for them in any way.
Re:
Score:
by
arglebargle_xiv
( 2212710 )
writes:
No, it's "First, they came for the certificates, but no-one said anything because no-one cares about secure boot. Then they came for BIOS-based boot, but no-one said anything because they all used UEFI. Then they came for
..."
Re:certificates expiring.....
Score:
, Insightful)
by
Dishevel
( 1105119 )
writes:
on Tuesday February 10, 2026 @02:57PM (
#65980556
Because it is really invasive and has an ability to brick systems and the people responsible for doing it are low wage idiots and AI, overseen by Microsoft a company that has screwed up more than anyone thought possible.
I mean, maybe it will go fine, but it is current year Microsoft and
...
Parent
Share
Well, that rules out anything from Microsoft ...
Score:
by
proudindiv
( 711441 )
writes:
"only trusted and digitally signed software runs before Windows loads"
Re:
Score:
by
ArchieBunker
( 132337 )
writes:
Nothing will be "bricked". You would simply have to reinstall the OS.
Re:certificates expiring.....
Score:
, Informative)
by
haruchai
( 17472 )
writes:
on Tuesday February 10, 2026 @04:13PM (
#65980864
for a very large number of Windows users that's a distinction without a difference
Parent
Share
Re:
Score:
by
thegarbz
( 1787294 )
writes:
You don't have to do anything. The certificate used to sign the boot process is expiring. That doesn't make your computer unbootable, it means you can't sign new boot certificates or update the revocation database. Actually reinstalling the OS may be a problem, but using your computer as normal is not.
Re:
Score:
by
SomePoorSchmuck
( 183775 )
writes:
Nothing will be "bricked". You would simply have to reinstall the OS.
How will your Aunt Carol "
simply
... reinstall the OS"?
Re:
Score:
by
thegarbz
( 1787294 )
writes:
It does not. Secure boot is entirely within the users control. At the most it may cause a boot failure and a quick google will direct any idiot to a solution.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
To add to this, this certificate expiry issue will not cause computers to fail to boot. It will cause the inability to sign a new or changed boot process... something which only happens if the bootloader is changed by an OS update. Not only is nothing bricked, the end user is unlikely to notice anything changed.
Well normally they're dirtbags
Score:
, Interesting)
by
ebunga
( 95613 )
writes:
on Tuesday February 10, 2026 @03:53PM (
#65980772
They love forcing customers do whatever microsoft wants because that's how they get off. This would have been a great way to force hardware upgrades at gunpoint. So it really makes you wonder, what's their real motive here.
Parent
Share
Re:
Score:
by
thegarbz
( 1787294 )
writes:
I'm not sure what you mean. This policy doesn't differ from any other. Windows 10 devices on extended support contracts get a new cert. Windows 10 devices not on extended support contracts do not. It's no more or less of a forced upgrade than anything else Windows 10 vs 11 has been. Their motive hasn't changed.
Also it's not like anything becomes unbootable here. The issue is that if a bootload changes it can't be signed due to an expired certificate. But... if you're not getting upgrades for Windows 10,
..
Why not have people make their own keys?
Score:
, Insightful)
by
Murdoch5
( 1563847 )
writes:
on Tuesday February 10, 2026 @02:13PM (
#65980458
Homepage
Secure boot is functionally useless if you're not using custom keys, what Microsoft should do is walk the user through the enrolment of custom keys, and discontinue their secure keys. The entire point of secure boot is that you sign the components with your source of truth. Microsoft holding keys for your boot environment means they control the source of the truth, which mean it's not true, and not a safe source. I understand this would be complex, and could be confusing, but it's essential.
This is another example of absolute trust, instead of zero trust, something Microsoft seems to get wrong constantly.
Share
Re:Why not have people make their own keys?
Score:
, Insightful)
by
Valgrus Thunderaxe
( 8769977 )
writes:
on Tuesday February 10, 2026 @02:31PM (
#65980506
That would make it more cumbersome for the police to break into your computer.
Parent
Share
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
That's also true, hence the Absolute trust vs Zero true.
Re:
Score:
by
Charlotte
( 16886 )
writes:
I can see how Microsoft would prefer to make computers less safe. It's in their DNA.
Re:
Score:
by
AcidFnTonic
( 791034 )
writes:
Obligatory, FUCK the police.
Re:
Score:
by
0123456
( 636235 )
writes:
The goal of "Secure Boot" is to ensure that Microsoft control your PC, not you. It's working as intended.
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
Yep, 100%, which is the same reason BitLocker is generally useless from a security perspective.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
Secure boot is functionally useless if you're not using custom keys
That's a load of shit. Key signing practices have varying benefits. It's not binary. It's not secure vs not. Based on your own description precisely nothing on the internet is secure because certificates are signed by not you.
Yes signing your own key would be the most secure, but in practice it is only marginally more secure than trusting a third party (such as a third party that already has low level access to your system via pushed updates) to keep their keys under control.
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
What on the internet is secure? Do you "trust" email? I would hope not, unless it's signed / encrypted with something like PGP. TLS doesn't really protect anything, any site can give you a TLS connection, but that doesn't mean you can baselessly trust it. Communications programs that have "end-to-end" encryption, they're not secure unless you hold the key, and so on. A lot of security is just "trust", and I'm placing that in quotes because it's not real trust, it's more hope, and belief some people are
Re:
Score:
by
WaffleMonster
( 969671 )
writes:
Real security, real zero-trust, means you're absolutely prevented from being able to peak. It means you remove the reliance on faith, hope and belief. I know I'm sounding like Stallman right now, and I don't mean to, but the reality is some stupidly massive amount of daily everything is not secure. Even if you can make your own keys, are they actually trustworthy? Can you be sure that no other keys exist to bypass your keys?
I do consider this black and white, either you're secure or you're not. If it doesn't matter, that's fine, but with something like secure boot, where the entire purpose is unshaken validation with zero trust, you better bet I'm going to insist the keys are self-generated.
I wish the term "zero trust" would just go away. It is an oxymoron that only confuses people.
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
Yes, and it's misapplied constantly.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
Again you used the word secure. Secure isn't a thing. It's a sliding scale. Secure Boot moves you along that scale, so does TLS, so does putting a password on your Windows PC, so does having a firewall.
None of this is perfect, your "real security" doesn't exist, but that doesn't make any of it functionally useless.
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
Security is a sliding scale, but why isn't Microsoft being honest? They're operating at the low security end of the scale, and they should be willing to stand behind that with pride. Good security can exist, just demand it.
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
Sorry, I should be more clear, when I said it was black and white, I still mean that. With something like secure boot, email, communication, it's black and white. You can't have someone else control it for you, and think it's safe.
Re:
Score:
by
WaffleMonster
( 969671 )
writes:
That's a load of shit. Key signing practices have varying benefits. It's not binary. It's not secure vs not. Based on your own description precisely nothing on the internet is secure because certificates are signed by not you.
It is hard to argue with the proposition nothing is secure without managing trust yourself. The Internet's system of global trust anchors exist to prevent MITM attacks on peers.
Yet anyone in a position to perform such an attack can easily (often for free) get any of those same anchors to provide them with the very keys required to persistently compromise those peers. The system is total madness. Here secure boot is such a massive house of cards security is effectively a fools errand.
Yes signing your own key would be the most secure, but in practice it is only marginally more secure than trusting a third party (such as a third party that already has low level access to your system via pushed updates) to keep their keys under control.
You are not just trus
Re:
Score:
by
radarskiy
( 2874255 )
writes:
"what Microsoft should do is walk the user through the enrolment of custom keys,"
The 90th percentile Slashdot user is not competent to enroll custom keys. Are you going to pay the support costs if that's foisted on normal people?
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
I would think 99% of computer users don't know how to enrol keys, but unless you make custom keys, just disable secure boot, it's functionally useless if you don't.
Re:
Score:
by
AmiMoJo
( 196126 )
writes:
Secure Boot has been one of the most effective security tools that Microsoft has ever released. Before Secure Boot, it was common for malware to simple hook into low level drivers for IDE and SATA, so that even the OS couldn't see the malware on disk and it could install itself during the early part of the boot process. The only way to get rid of it was to boot a Linux CD with AV software, assuming your system was not encrypted, and of course that was way beyond most people.
Secure Boot put a stop to that, a
Re:
Score:
by
Murdoch5
( 1563847 )
writes:
That's fine, and secure boot has a place, but only if you use custom keys. I'm not discussing if secure boot is good or bad, simply the key management is up to the user, not the vendor.
Nothing is Secure as Hardware Write Disabled
Score:
by
BrendaEM
( 871664 )
writes:
Put the OS on a separate volume, Flick a switch: No write, fullstop. Want to update the OS, you flick the switch back to update to disable the write protect. Secure boot aside from Trusted Computing Platform 2.0--is the reason why millions of good computers are going out in front of peoples' houses to be taken to a landfill.
Re:
Score:
by
TwistedGreen
( 80055 )
writes:
Let's be fair... They don't go to a landfill, they get shipped to India to be burned.
Re:
Score:
by
boa
( 96754 )
writes:
Bro, disabling write means disabling security patches and updates. Not very secure, is it?
Re:
Score:
by
unrtst
( 777550 )
writes:
Bro, disabling write means disabling security patches and updates. Not very secure, is it?
Wow! You really nailed them! It's almost like they should have said something, like, I don't know, maybe:
Want to update the OS, you flick the switch back to update to disable the write protect.
Re:
Score:
by
Zocalo
( 252965 )
writes:
Yeah, some of us used to do that with *NIX systems back in the day. Seperate
/sbin and
/usr volumes, mounted read-only, and various other volumes, like
/home and
/tmp, depending on the system use, set to not allow execution. You needed to be root to remount to read-write in order to install patches or updated binaries, then reboot to get back to the read-only mountings. Regular users were not capable of doing jack with the sensitive OS partitions, and most forms of attack were really, really, hard when y
Re: Nothing is Secure as Hardware Write Disabled
Score:
by
ByTor-2112
( 313205 )
writes:
This is how industrial PLCs handle it: with a physical key. Almost any time you hear about some "hack" of a PLC, the fine print says someone must leave the key turned to program.
Re:
Score:
by
Excelcia
( 906188 )
writes:
This is exactly how I boot my computer.
In Windows I:
- Insert write-protected VeraCrypt recovery USB stick into USB
- Boot and hit F12
- Select the stick as the device to boot from, when VeraCrypt's recovery appears, I select to boot from the stick's copy of the EFI bootloader.
- Enter my Windows VeraCrypt partition password, and only when that processes can the bootloader even see my Windows drive, which can't really be tampered with because it's encrypted.
In Windows, the EFI bootloader doesn't change except i
Re:
Score:
by
ledow
( 319597 )
writes:
I was saying this when UAC was a thing.
If you want me to do something to the OS, rather than to my user account, make me flick a switch to do it, which puts the computer in an entirely different mode.
Now the only virus that can infect my bootloader is one that I actively participate in installing.
Multi-user computer? The switch is a key.
Disable secure boot?
Score:
, Insightful)
by
sinij
( 911942 )
writes:
on Tuesday February 10, 2026 @02:24PM (
#65980488
I have MS own laptop, which was gifted to me, and it allows me to disable secure boot in BIOS settings. It gives me angry red banner with unlocked lock, but other than that it does not prevent booting. Is that not an option on most hardware?
Share
Re:
Score:
by
TwistedGreen
( 80055 )
writes:
Yes it's always an option. There's rarely a reason to enable it unless your workplace forces it on.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
You got that completely backwards. There's no reason to disable it unless you're running an unsigned boot process (e.g. dual booting with Linux without bothering to setup secure boot, or regularly trying to boot systems from USB sticks). There's literally no downside to the end user and only increased security.
Re:
Score:
by
gweihir
( 88907 )
writes:
Indeed. It is basically worthless for security, all it does is cause problems.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
Is that not an option on most hardware?
It is a *required* option of any BIOS on a device sold with Windows Hardware Certification (on x86). Microsoft does not enforce it for ARM devices. Even Microsoft first party devices like Surface Laptops allow you to disable secure boot.
Re:
Score:
by
CommunityMember
( 6662188 )
writes:
I have MS own laptop, which was gifted to me, and it allows me to disable secure boot in BIOS settings. It gives me angry red banner with unlocked lock, but other than that it does not prevent booting. Is that not an option on most hardware?
Disabling secure boot is an option on most hardware, however, there are some applications/features that will not fully operate if secure boot is not enabled, and that includes some multi-player games.
Re:
Score:
by
G00F
( 241765 )
writes:
and that includes some multi-player games.
I've ran into this, sucks so bad, I have to give in to this kind of crap for kids to play w/ their friends otherwise they get left out of friendships.
All this "security" isn't anything other than forced obsolescence. (in all its forms, from phones, etc)
Re:
Score:
by
gweihir
( 88907 )
writes:
All this "security" isn't anything other than forced obsolescence. (in all its forms, from phones, etc)
Yes. And DRM. Not made to help you or protect you.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
If it takes forced obsolescence to protect idiots from themselves then maybe it's a good thing.
Re:
Score:
by
luther349
( 645380 )
writes:
dont buy that garbage theirs no no reason for games to be using tpm other then locking you into windows.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
You also don't need to disable secure boot. The certificates are used to sign the bootloader. The system will continue to boot just fine, it just may have problems if something changes on the bootload,
... which won't happen because you aren't getting updates. And if you are getting updates one will give you a new certificate.
This is a nothing burger for the end user, other than their systems will have secure boot sitting in a somewhat compromised state.
Re:
Score:
by
Charlotte
( 16886 )
writes:
Strictly speaking TPM hardware is not required for Windows 11 to install or operate, and secure boot isn't either. You just have to bypass/ignore all the warnings.
All this leaves you without secure boot as an added bonus, so no downsides.
Re:
Score:
by
gweihir
( 88907 )
writes:
Or you install and then turn TPM off.
The one place I have it on is on my teaching laptop, because I have exams and grades on there and hence BitLocker. But if BigBlueButton works (trying this semester), I can get off Teams and move that machine to Linux. I finally eliminated PowerPoint end of last year (LibreOffice and LaTeX for slides now).
Re:
Score:
by
thegarbz
( 1787294 )
writes:
All this leaves you without secure boot as an added bonus, so no downsides.
Yeah except no signed boot process, so possibility for reboot persistent malware, failure for some anti-cheat systems to work so some games don't work. Your Windows Hello key stored on device insecurely, the inability to apply automated full disk encryption...
The really stupid part about all of this is that there are no downsides to some part of this discussion. There are no downsides to having TPM and SecureBoot enabled. It does provide a meaningful benefit, and anything that actively uses it nefariously a
Re:
Score:
by
tijgertje
( 4289605 )
writes:
The downside: your machine failing to boot when the motherboard battery goes dead. Been there, got that.
Battery went dead and the machine promptly forgot all the keys. Now I can fix that, but the average person can not.
Re:
Score:
by
AmiMoJo
( 196126 )
writes:
In fact part of the Secure Boot standard is that it must be possible to disable it, and it must be possible to install your own Secure Boot keys.
Microsoft also made keys for signing Linux kernels available, if you want to use Secure Boot with that and with the default keys. Of course, you can use your own keys as well.
Bullshit
Score:
, Insightful)
by
quonset
( 4839537 )
writes:
on Tuesday February 10, 2026 @02:29PM (
#65980500
Windows 10 users must enroll in Microsoft's paid Extended Security Updates program to get the new certificates.
Microsoft should be required to provide a certificate without any restriction. How many tens of millions of computers still run W10? Forcing people to enroll in something just to get a required update should be an automatic penalty.
Share
Re:
Score:
by
Anonymous Coward
writes:
lol we're waaayyy past that, big guy
Re:
Score:
by
rsmith-mac
( 639075 )
writes:
It's a bit of a moot point. Systems that aren't receiving general OS updates wouldn't receive updated bootloaders anyhow. So they wouldn't need the updated certificates that allow for bootloaders signed after June 2026.
It gets a bit tautological, but only systems that are getting updates need updates.
Re: Bullshit
Score:
by
ByTor-2112
( 313205 )
writes:
I think that your completely correct point is lost on most people. They don't realize that a signature is valid if the certificate was valid at the time of signing, not that the certificate must be valid for the life of the universe.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
No one is forced to enrol in anything. Windows 10 is no longer secure. Simply disable secure boot in the BIOS and move on with your life. You're not getting anything running secure boot on a system which isn't receiving basic security updates anymore.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
Actually I was wrong in my other post. Not only are you not forced to enrol in anything, you also don't need to disable secure boot. Nothing changes for the end user. Either you get updates, which updates the certs. Or you don't get updates, in which case there's nothing that would change the bootloader (which remains signed and bootable).
Secure boot is optional for all people affected and their systems will continue to boot just fine even with it on.
Re:
Score:
by
thesandbender
( 911391 )
writes:
This is a corporate stupidity tax that has blowback on consumers. It works like this:
- A lot of corporate clients require certified/"blessed" stacks
- They have legacy software that doesn't support Windows 11 so they have to use Windows 10.
- Microsoft (Oracle/IBM/etc) sales staff figures out how much cost they'll tolerate before they move to something else
- They then charge you $0.01 below that.
When Y2K was a thing we still had some o.g. NT 3.x (I think 3.1) servers running. IT refused to update them
new way
Score:
by
groobly
( 6155920 )
writes:
New way to own a brick.
Linux distros work with Secure Boot
Score:
by
93 Escort Wagon
( 326346 )
writes:
At least, they do NOW. Let's see if Microsoft breaks things for Linux as part of this update...
Re:
Score:
by
CommunityMember
( 6662188 )
writes:
At least, they do NOW. Let's see if Microsoft breaks things for Linux as part of this update...
LInux (if your distro has fwupd installed and enabled to offer the update) has been offering to install some of the new certs for a while now.
At least one distro has had a test day to validate that it is possible to sign their boot loader with various combinations of the old/new keys. I expect additional testing across the Linux distro eco-system (as some hardware is just so interesting).
Many manufacturers (that still support your hardware) will be issuing new bios firmware that also include the newer
Re:
Score:
by
93 Escort Wagon
( 326346 )
writes:
I have about 70 machines (Dell) I'll need to take care of. AlmaLinux supports fwupd, but for whatever reason (at least on my test box) fwupdmgr keeps telling me there's no available firmware, which is demonstrably incorrect. We do have a password set on the firmware, so I've been assuming that is the issue and I'm gonna need to visit every machine with a USB stick.
Re:
Score:
by
thegarbz
( 1787294 )
writes:
At least, they do NOW. Let's see if Microsoft breaks things for Linux as part of this update...
Your post is dumber than usual. This is literally the point Microsoft is making, they are updating the Microsoft UEFI CA cert which is used for example to sign Linux bootloaders, and the Key Exchange Key which allows modifying the database of allowed signatures to enable Linux secure boot.
Nothing else about the way Linux keys are signed changes. Nothing about secure boot allowing a user to use their own keys changes (Microsoft's only involvement in Linux is allowing Linux to boot with an MS shim, that's not
Re: Linux distros work with Secure Boot
Score:
by
dorro101
( 10503054 )
writes:
I updated my BIOS yesterday, in the BIOS I had to switch shit off, CSM, SVM, or some variety of acronyms, not sure, was already several puffs in, secure boot included, and then proceeded to install Fedora. After a reboot I switched shit back on, and Gnome Software helpfully asked to install two certificate thingies, my memory was even hazier by this stage...
Re:
Score:
by
thegarbz
( 1787294 )
writes:
You probably meant switching it on. CSM is the compatibility support module. Enabling this disables secure boot which for the purpose of installing Linux would allow you to boot any ol' bootable media. Once your system is installed one of two things happen, either you manually have to load the new Key Exchange Key and Cert into the UEFI, or the easier option (the one that many people will use, and anyone who is dual booting will be forced to use) is have the installer automatically load a Machine Operator K
Handy reminder!
Score:
, Funny)
by
zmollusc
( 763634 )
writes:
on Tuesday February 10, 2026 @03:28PM (
#65980652
That reminds me that I need to check the security system on my henhouse which ensures that _only_ foxes, and no other predator has 24h access.
Share
Via Windows Update?
Score:
by
usedtobestine
( 7476084 )
writes:
Or is it only CA certificates that can only be loaded directly from Microosft.com?
Fortunately I have that crap switched off
Score:
by
gweihir
( 88907 )
writes:
All it does is cause problems. DRM, not "security"...
Re:
Score:
by
thegarbz
( 1787294 )
writes:
Oh you're so clever. Let me guess you don't use passwords either because you're at risk of forgetting them.
Hint: DRM is in someone else's control. Secure boot is in yours. You can load whatever key you want into BIOS. It's your security system to use the way you want. Or you can take the stupidest approach and just turn it off.
By the way this is causing problems for zero people. Linux users are using their own keys. Windows users will have new certificates issued. And Windows users who don't get updates and
Re:
Score:
by
Errol backfiring
( 1280012 )
writes:
You can load whatever key you want into BIOS
That is what the discussion is about. It is not the user who loads they key, but Microsoft.
Hmmm...
Score:
by
johnnys
( 592333 )
writes:
"Windows 10 users must enroll in Microsoft's paid Extended Security Updates program to get the new certificates. "
Holding your system to ransom. You never really thought it was "your" PC, did you?
Re:
Score:
by
ledow
( 319597 )
writes:
This is why I bought a Framework laptop.
I'm pretty confident that, if it came to it, the BIOS would let me enter a "Linux" UEFI key of my choosing, not just be locked to the Microsoft ones.
As it is, it barely matters as the machine only runs Linux anyway, and I don't have a single Windows machine in my house as of Christmas.
I wonder if that had anything to do with Windows 11, Microsoft enshittification, etc. etc. etc. etc.?
What happens if the deadline is missed?
Score:
by
ZiggyZiggyZig
( 5490070 )
writes:
Serious question here. Let's say I have an offline computer for whatever reason that can't connect to the internet, or maybe I have a legacy Windows 10 computer that can't get extended updates. What happens after June / October 2026? Can the machine still boot? Or does it become an expensive paperweight?
This reminds me of the way root certificates are managed on Android devices. Stopping system updates makes the device basically unusable after a few years because the root certificates are not updated anymor
Late June
Score:
by
allo
( 1728082 )
writes:
A certificate that expires late june should have been renewed a year ago. I already see the cases of computers that were off for a long time or just failed updates with little time to fix before the certificate expires. I wonder if you can turn back the clock or if secure boot has measures against that.
Related Links
Top of the:
day
week
month
384
comments
Does a Gas-Guzzler Revival Risk Dead-End Futures for US Automakers?
377
comments
Americans' Junk-Filled Garages Are Hurting EV Adoption, Study Says
363
comments
Americans are Buying Twice as Many Hybrids as Fully Electric Vehicles. Is The Next Step Synthetic Fuels?
323
comments
EV Sales Keep Growing In the US, Represent 20% of Global Car Sales and Half in China
314
comments
China Is Mass-Producing Hypersonic Missiles For $99,000
next
The US Is Flirting With Its First-Ever Population Decline
339
comments
previous
A Bitcoin Blunder for the Ages: $40 Billion Accidentally Given Away
67
comments
Slashdot Top Deals
He's like a function -- he returns a value, in the form of his opinion.
It's up to you to cast it into a void or not.
-- Phil Lapsley
Close
Working...