About Show #1037
The original Secure Boot certificate expires in June 2026! Richard talks to Richard Hicks about how Secure Boot works and how the expiration of the master certificate can leave PCs vulnerable to boot-related malware, such as rootkits. Richard discusses recent Microsoft communications on SecureBoot and how to check which certificate your machines have. Workstations using managed updates are likely already up to date, but servers are a different issue. When the certificate expires, you'll no longer receive updates to Secure Boot for known exploits, leaving your machines vulnerable. Update today!
Links
- Secure Boot Certificates Expiring
- Sony Rootkit Scandal
- Secure Boot Playbook for Windows Client
- Windows Update Management
- Registry Key Updates for Secure Boot
- Richard's Blog Post on Secure Boot EUFI Certificates Expiring
- Get-UEFICertificate in PowerShell Gallery
Recorded March 9, 2026