Secure Boot certificates protect your computer’s boot process, but the original certificates from 2011 to end in June, so Microsoft plans to introduce a Safe Boot status dashboard in Windows to help users check if they’re still protected.
Starting this month, a new status page will appear Windows Security app where the company has added a Safe Download status indicator below Device security > Secure Download.
“Windows Security now shows whether your device has received these updates, what your current status is, and whether any action is needed,” Microsoft he says on the new support page.
The status indicator will show one of three icons. A green color indicates that your computer is up to date. Yellow means there is a security advisory from Microsoft, and it may prompt you to install a firmware update to get the new certificates.
(Credit: Microsoft)
At the same time, a red icon indicates that your computer cannot accept new Secure Boot software certificates. “This situation appears only after a security vulnerability is discovered that affects the download process and cannot be serviced on devices that have not received updated certificates. This may occur in June 2026, when some current Secure Download certificates begin to expire,” the company said.
Microsoft will also display a detailed status message advising users of what they can do to resolve the issue, including updating the Windows operating system or contacting your device manufacturer.
Get our best stories!
Stay Safe with the Latest Security News and Updates
By clicking Sign Me Up, you confirm that you are 16+ and agree with us Terms of use and Privacy Policy.
Thank you for signing up!
Your subscription has been confirmed. Watch your inbox!
Secure Boot prevents and ensures that only valid software is running during the boot process of your computer malware It may continue even after the OS is reinstalled. The problem is that a large number of PCs are still stuck with Windows 10, which lost support in October, meaning the OS will no longer receive software patches. In February, Microsoft warned that these Windows 10 PCs would also not receive the new Secure Boot certificates.
The only exception is for computers enrolled in the Windows 10 Extended Security Updates program, which US users can sign up to use. two free options. Microsoft told us that the new Secure Boot status indicator is coming only to Windows 10 ESU PCs. So, if your computer remains on an unsupported version of Windows 10, then you should assume that your certificates will expire from June.
Computers on Windows 11 and Windows 10 ESU systems must obtain new software certificates”automatically” via regular monthly Windows updates. However, a small percentage of computers may need a separate firmware update from their PC or motherboard manufacturer before they can download the new certificates, i.e. the yellow and red badges.
Recommended by our editors
If you don’t buy new certificates, your computer will still work. But Microsoft warns: “The device will enter a degraded security state that limits its ability to receive future boot-level protection,” leaving it open to potential “boot-level vulnerabilities” that hackers could try to exploit. Running Windows 10 is a security concern, as some older computers do not meet these requirements system requirements To upgrade to Windows 11.
Microsoft’s support page states that if your status page shows a red icon, users can select “I accept the risks, don’t remind me.”
Notifications about a Secure Boot problem will also be propagated outside of Windows Security. The support page adds: “Starting in May 2026, additional improvements will be available, including out-of-app notifications (such as system alerts) and additional in-app guidance and controls to help you respond to Safe Download alerts.”
About our specialist
Michael Kahn
Great reporter
Experience
I have been a journalist for more than 15 years. I started as a school and city reporter in Kansas City and joined PCMag in 2017, covering satellite internet services, cybersecurity, computer hardware, and more. I currently live in San Francisco, but previously spent over five years in China covering the country’s technology sector.
Since 2020, I’ve covered the launch and explosive growth of SpaceX’s Starlink satellite internet service, writing more than 600 stories on availability and feature launches, as well as regulatory battles over expanding satellite constellations, battles with rival providers like AST SpaceMobile and Amazon, and efforts to expand into mobile satellite-based service. I scoured FCC filings for the latest news and traveled to remote corners of California to test Starlink’s cell service.
I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. Earlier this year The FTC forced Avast to pay $16.5 million for secretly collecting consumers’ personal information and selling it to third-party clients, as revealed in my joint disclosure investigation with the motherboard.
I also cover the PC graphics card market. Disadvantages during the pandemic he took me to the camp In front of Best Buy to buy an RTX 3000. I am now watching how President Trump’s tariffs will affect the industry. I’m always eager to learn more, so please leave feedback in the comments and send me tips.
Read Full Bio
