Over recent months, Microsoft has been actively implementing significant modifications to the Secure Boot certificate system in Windows 11. The developers have repeatedly cautioned users that come June, their computers might experience operational disruptions if the outdated cryptographic keys are not updated promptly.
The company emphasizes that June 24th should not be viewed as a strict “deadline” after which vulnerable systems will completely lose their secure boot capability. This specific date is tied solely to the expiration of one of the keys that facilitate this function. However, the architecture includes a fallback mechanism: a secondary database key with a validity period extending until October 2026.
As noted by PCWorld analysts, the absence of updated Secure Boot certificates by the specified date does not equate to a critical failure. It is anticipated that Microsoft will continue to support the boot manager using the backup key until October. Nevertheless, owners of systems that have not undergone the update will face a range of functional limitations. Notably, their computers will lose the ability to receive current blacklists, which contain digital signatures of compromised or malicious bootloaders. Without these updates, the operating system’s defense against potential threats will be considerably weakened, as the system will be unable to automatically block dangerous components.
About the Author
