check before: 2023-10-01
Product:
Windows, Windows Autopatch
Platform:
Online, World tenant
Status:
Change type:
Admin impact
Links:
Details:
If you're an IT admin using Windows Autopatch, a new report is now available to monitor the status of Secure Boot across your organization. As the 2011 Secure Boot certificates start expiring in June 2026, this report helps you start by identifying devices that have Secure Boot enabled. Out of those, see which devices are fully up to date and which ones still need updated certificates.
When will this happen:
The Secure Boot status report is now available in Windows Autopatch.
The 2011 Secure Boot certificates (or CAs) start expiring in June 2026.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2026-02-03
updated:
2026-02-03
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
Windows Autopatch has introduced a tool to track Secure Boot certificate statuses across computers, helping ensure they are updated before the 2011-issued certificates expire in June 2026, thus maintaining network security.
Direct effects for Operations**
Secure Boot Certificate Expiration
If the Secure Boot certificates expire without proper updates, devices may fail to boot or operate securely, leading to potential downtime and security vulnerabilities.
- roles: IT Admin, Security Officer
- references: https://learn.microsoft.com/windows/deployment/windows-autopatch/monitor/secure-boot-status-report, https://support.microsoft.com/topic/windows-secure-boot-certificate-expiration-and-ca-updates-7ff40d33-95dc-4c3c-8725-a9b95457578e
Device Monitoring and Management
Without preparation for the Secure Boot status report, IT admins may lack visibility into which devices require updates, leading to unmanaged risks and potential compliance issues.
- roles: IT Admin, Compliance Officer
- references: https://go.microsoft.com/fwlink/?linkid=2347358, https://techcommunity.microsoft.com/blog/windows-itpro-blog/secure-boot-playbook-for-certificates-expiring-in-2026/4469235
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
