From Newsgroup: alt.privacy.anon-server
In article <
20260519.033010.5beadf0b@mixmin.net>,
noreply@mixmin.net
says...
Imagine following all the Micro$oft rule$, setting up your computer, >creating a Micro$oft account and configuraing your computer to be "safe" >with UEFI and "Secure Boot".
Except the certificate expires in June 2026 and it won't boot after that.
If your computer has no entitlement, it cannot get the updated certificate >and you are shit out of luck.
Anything 2023 forward supposedly is okay and will get updates. Before
that? Tough.
What if it doesn't? All your boots are belong to us data recovery
companies.
I asked CoPilot the following question:
**Prompt
I understand that Windows 10 computers will need their secure boot certificates updated soon. I've checked all the computers I have
running Windows 10 (all enrolled in Extended Security Updates) and all
are already updated. But if a friend has a Windows 10 computer which is
not enrolled in ESU, and they do nothing, will their computer suddenly
cease to boot? And if so, what can they do about it?
**Response**
Short answer: No ? your friend?s PC will not suddenly stop booting. But
it will gradually become less secure and may eventually run into edge-
case issues.
Here?s the full picture.
What actually happens in June 2026:
Microsoft?s original Secure Boot certificates (from 2011) start expiring
in June 2026. These are used very early in the boot process to verify
trusted code.
If a machine does not receive the new 2023 certificates, then:
* It will still boot normally
* Windows will still run
* It will lose the ability to receive future Secure Boot / boot-chain
security protections
* Its security will gradually degrade over time
Microsoft explicitly states that systems without the update will
continue to start and operate normally, but will not receive new
protections for the early boot process.
Multiple sources confirm this is not a ?PC stops working? situation ?
the system keeps running, but becomes less secure.
What?s different for Windows 10 without ESU:
* Windows 10 support ended in October 2025
* Only systems enrolled in Extended Security Updates (ESU) continue
receiving updates
* The new Secure Boot certificates are delivered via Windows Update
Therefore:
A Windows 10 PC without ESU will not receive the updated certificates automatically.
Such systems will:
* Keep using the old (expiring) certificates
* Miss future Secure Boot improvements permanently
Does anything actually break?
For most users, nothing obvious happens immediately.
However, over time:
1. Security becomes weaker
The system cannot receive updates to bootloader trust or protections against new low-level threats.
2. Some features or scenarios may be affected
For example:
* BitLocker behaviour or protections
* Some third-party boot tools or components
* Future fixes to boot-level vulnerabilities
3. Rare edge-case issues can occur
In unusual cases (e.g. firmware or update problems), there could be:
* Boot validation warnings
* Recovery prompts
* Startup issues
These are not expected for most users, but are possible.
So will the PC suddenly stop booting?
No.
There is no hard cutoff or ?deadline? where systems suddenly fail. This
is not like Y2K.
A better way to think of it:
The PC continues working, but is effectively frozen at its current level
of boot security.
What can your friend do?
If they are running Windows 10 without ESU, the realistic options are:
1. Upgrade to Windows 11 (best option, if hardware supports it)
This ensures continued updates and automatic certificate updates.
2. Enrol in ESU (if still available)
This is the only supported way to stay on Windows 10 and receive the
new certificates.
3. Replace the device
This may be necessary for older, unsupported hardware.
4. Try manual or advanced fixes
* Install firmware (BIOS/UEFI) updates from the manufacturer
* Attempt manual Secure Boot certificate updates
These are more complex and not guaranteed.
5. Do nothing
The PC will keep working, but with increasing security risk over
time.
Bottom line:
* The PC will not suddenly fail to boot
* Unsupported Windows 10 systems will gradually fall behind
* The real issue is long-term security, not immediate usability
***
--
--
Phil, London
--- Synchronet 3.22a-Linux NewsLink 1.2