Microsoft answers what you should do as the Windows 11 Secure Boot deadline hits in days



Microsoft answers your questions as Secure Boot is set to expire any day

With the June 24, 2026, expiration of the original Microsoft Secure Boot KEK certificate now days away, Microsoft held its second live "Ask Microsoft Anything" session on June 4 to address the flood of questions still coming in from IT administrators and enterprise customers.

The panel included Arden White (principal security engineer, Windows Servicing and Delivery), Kevin Sullivan (Windows ecosystem and industry engagement), Richard Powell (engineering team), Scott Shell (enterprise and security, Secure Boot architecture and design), and Jason Sandys from the Intune product team.

Windows 11 now shows Secure Boot certificate status in the Windows Security app with clear alerts

If you missed our coverage of the first AMA, Microsoft already explained what happens to Windows 11 PCs if you ignore the Secure Boot deadline. This second session went deeper into specifics that the first one left unanswered, particularly enterprise rollouts, virtual machines, PXE boot scenarios, "temporarily paused" device buckets, and what IT admins should do in the next few days.

Here's our detailed look at everything that came out of Microsoft's Secure Boot AMA session.

June 24 isn't a hard stop for Secure Boot, but what changes that day matters

The most pressing question was whether June 24, the expiration date of the Microsoft Corporation KEK CA 2011 certificate, is a hard deadline after which the registry-based manual rollout method stops working. Scott Shell's answer is that it is not.

When is Secure Boot Certificate expiring

The June 24 date applies specifically to the KEK certificate expiration. The DB certificate, which is a separate certificate, does not expire until October. And importantly, all of the update payloads that have already been signed (the DB update, the registry key and the scheduled task mechanism) will continue to work exactly as they did before that date. "There's no end date where the registry key and the update stop working," Shell confirmed.

What does change after June 24 is Microsoft's ability to sign new DBX payloads, the revocation updates that blocklist compromised or malicious bootloaders. If a device does not have the new KEK installed, it will miss some of those future revocations, meaning the device will gradually become less secure over time as Microsoft discovers and acts on new bootloader vulnerabilities, but it will not suddenly stop booting on the 25th.

The DB certificate does not expire until October, so Microsoft expects to sign a few more boot managers with that key in the meantime.

The June update will push the majority of mainstream devices to high confidence

One of the more encouraging points from the session concerned what the June Patch Tuesday update will do for device coverage. The team confirmed that after the June update, the majority of systems that Microsoft has diagnostic data for will be classified as high confidence. Not all of them, but most.

Certificate Deployment via Controlled Feature Rollout

Kevin Sullivan added useful context here. When Microsoft talks about device buckets, it is not simply grouping by manufacturer and model name. The confidence assessment goes down to the firmware version and the firmware date. So a mainstream PC that is otherwise identical to another might sit in a different bucket than a unit with a different BIOS revision, which means IT admins cannot assume that because one unit of a particular model is high confidence, every unit of that model is.

The Intune monitoring report, updated in mid-May, is the recommended way to see exactly where devices stand. Jason from the Intune team noted that the report shows whether a device is in the high confidence bucket, whether the update has already been applied, and which devices might still need manual intervention. The report and a companion PowerShell remediation script are both available, and they effectively do the same job through two different access paths.

What "temporarily paused" means in Secure Boot, and what to do about it

A number of enterprise customers said they were seeing devices stuck in a "temporarily paused" bucket, which is understandably alarming when the deadline is days away. The team's explanation is that this status always points in one direction: a firmware update from the OEM is needed.

The mechanism behind this is that Microsoft's rollout system sometimes detects a compatibility issue at the firmware level that could make applying the certificates risky on a particular device. Rather than risk a failed update, the system pauses. The OEM is expected to issue a firmware update that resolves the underlying issue. Once that firmware update is applied, the device moves into a new bucket because the firmware version has changed, and the new combination gets its own classification.

Scott Shell made an important point about how to track this. If you take a firmware update and the device moves to a new bucket, the old bucket does not change. Looking at a spreadsheet you exported last month and checking whether the old bucket transitioned will give you the wrong answer. The bucket itself stays paused forever, because that firmware version was paused. The device has simply moved to a new bucket, which may be under observation or high confidence. Checking live data from Intune or the GitHub CSV is the only reliable way to track actual device status.

The aka.ms/GetSecureBoot landing page includes a list of OEM support pages where firmware updates can be found for most major manufacturers. It's worth checking that first before attempting any manual overrides on a paused device.

For context, this issue isn't entirely surprising. Windows Latest reported earlier this year that Secure Boot 2023 updates were failing across some PCs because of firmware incompatibilities, and the problem turned out to be wider than initially apparent. Shortly after, OEMs admitted that their own updates were bricking Windows 11 machines with BitLocker loops and BSODs as a direct result of rushing out firmware to meet the Secure Boot deadline. That is exactly why Microsoft's phased rollout exists and why the temporarily paused status is a warning, not something to force through without a firmware update first.

Don't wait for high confidence if you're already managing your own rollout

One of the clearest pieces of guidance from the session was aimed at admins who have been holding off on manual rollouts while waiting for their devices to reach high confidence. The team said: don't wait any longer.

Secure Boot deployment

If a device is in the high confidence bucket, Intune will handle it automatically. No admin action is needed for those devices. But for anything that isn't in high confidence (white box machines, less common OEM configurations, older servers, or devices for which Microsoft has limited telemetry data), the recommended approach is to set the registry value or the equivalent Intune settings catalog policy to force the update process to run.

The workflow the team described for Intune-managed environments is to pull the monitoring report, identify devices that have not yet applied the update, pick one representative device of each model or firmware variant, push the policy, and wait for it to show a successful state before expanding the rollout. Scott Shell's advice on which devices to pick first was to prioritize devices that are active and accessible, avoid picking machines belonging to remote employees who are hard to contact, and not pick devices that might get powered off for a week with no telemetry coming back.

As Jason Sandys from Intune put it, "If Microsoft has already put it in the high confidence database, it's handled. But there are potential onesie twosies, white boxes and other things that have no way of making themselves known to us, so you will want to force that."

Intune overview of Secure Boot status

Microsoft also pointed out that doing the manual rollout on devices that are not yet in the high confidence database helps Microsoft. The telemetry from successful updates gets fed back into the confidence system, which helps other organizations that have the same unusual device.

Secure Boot off? You can't update certificates, and turning it on later is risky

A question from someone managing Azure Virtual Desktop, Azure VMs, and Intune-managed endpoints asked what happens to machines where Secure Boot is currently turned off. The answer from Scott Shell was unambiguous.

When Secure Boot is disabled, Microsoft cannot update the certificates. The firmware simply will not allow it, and there is nothing Microsoft can do about that at the operating system level. Those machines are already inherently vulnerable to the class of attacks that Secure Boot exists to prevent, and that situation does not change because of the certificate expiration.

The trickier question is what happens if you decide to turn Secure Boot back on later. Shell walked through the problem: if a machine has Secure Boot disabled, Microsoft will still update the boot manager to the 2023-signed version. That boot manager is able to run. But when you go to enable Secure Boot in UEFI, the certificate set that Secure Boot enforces has to match what the boot manager is signed with. If the firmware's trust database only contains the 2011 certificate but the installed boot manager is signed by the 2023 certificate, the machine will not boot.

Secure Boot certificates status monitor

Recovering from that requires manually installing the 2023 certificates into the firmware, which is documented at aka.ms/GetSecureBoot. Shell advised anyone planning to turn Secure Boot on for the first time, or to re-enable it, to test carefully first, because the failure mode is a machine that doesn't boot, and you need hands on a keyboard to fix it.

For Azure Gen 2 VMs with secure launch or trusted launch enabled, Microsoft has already updated the default certificate set to 2023, so those should be in a better position by default. Gen 1 VMs are BIOS-era machines that cannot support Secure Boot at all.

What determines whether a device is in the high confidence bucket for Secure Boot certificates

The team was asked why older models were getting high confidence classification faster than newer, supposedly mainstream ones. The explanation is counterintuitive but makes sense once you understand how the confidence system works.

Secure Boot certificate status in Windows 11

Older models have smaller populations. A smaller pool of devices gets validated as high confidence more quickly because the statistical requirement for confidence is met sooner. Very large populations of newer, widely deployed models take longer because Microsoft needs enough successful update telemetry to be statistically confident that the rollout is safe across the full distribution of that device's firmware variants.

The good news is that the June update is expected to dramatically expand the high-confidence bucket for many of those common newer models. The team expressed confidence that a significant number of devices would be added following the June Patch Tuesday release.

PXE boot environments need careful sequencing

One of the more technically precise questions in the session came from someone managing PXE boot infrastructure. The question was whether PXE boot would still work for machines that have only the 2011 certificate, as long as that certificate isn't yet in the DBX revocation list.

Scott Shell called it "a great question." The answer is yes. As long as the 2011 certificate isn't in DBX, machines that only have the 2011 certificate will continue to boot PXE images signed by that certificate. The expiration date of the certificate does not affect whether previously signed content is trusted. What matters is the signing timestamp.

The practical advice for PXE environments is not to update the PXE bootloader to one signed by the 2023 certificate until all machines in the environment that may boot from that PXE server have the 2023 certificate in their trust database. If you update the PXE bootloader before all machines have the new certificate, machines that only trust the 2011 signature will fail to boot from PXE.

Kevin Sullivan flagged another issue to watch for here. New devices are starting to ship from some OEMs with only the 2023 certificates, not both. Those machines will not be able to boot PXE media signed by the 2011 certificate. If you are imaging new hardware using older PXE bootloaders, you may already be hitting this issue. During the transition period, having two USB sticks, one signed by 2011 and one by 2023, may be the most pragmatic approach for organizations that need to handle both.

Windows 10 and older OS versions get the same update mechanism

A user asked whether the Secure Boot update behavior differs between Windows 10 under ESU and Windows 11. The answer is no. The underlying code that handles the certificate updates is the same across both. The same task that runs on Windows 11 also runs on Windows 10 and even on Windows Server 2012 and 2012 R2.

The only difference for older servers is that many of them either didn't ship with Secure Boot enabled by default or are running with configurations that don't report telemetry data. This means they're less likely to have been classified as high confidence, not because of any OS difference, but because Microsoft has less data on them. For those devices, the manual registry key approach is the recommended path.

Event logs and registry keys are your best diagnostic tools

Throughout the session, the team repeatedly pointed to event log entries as the most reliable way to understand what is going on on a particular device. The relevant event source is the TPM-WMI event log, and the entries to look for are numbered:

  • 1801 indicates that the device is being tracked and the update is needed, but more data is required.
  • 1802 points to a specific firmware-level issue, usually the reason a device is in a temporarily paused state.
  • 1803 can show a failure to apply the KEK because there is no PK-signed KEK payload available.

For virtual machines where the Platform Key was set to an invalid or unsigned value, the 1803 event will help identify that the KEK can't be updated, and the path forward is working with the hypervisor vendor to correct the PK configuration before retrying.

If the KEK is the only thing that failed, but the 2023 DB certificates are already present, the device may still be in an acceptable state. The team's guidance was to verify that both the KEK and the DB certificates are the 2023 versions. If the 2023 DB certificates are there, the device can still function securely, but it will not receive future DBX revocation updates until the KEK is also updated.
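The two checks above (confirming that both the 2023 DB and 2023 KEK certificates are present, and, from the earlier section on disabled Secure Boot, confirming that the installed boot manager is signed by a CA the firmware's DB actually trusts before re-enabling Secure Boot) can be scripted on a single device. The following is an added example, not code from the AMA or from Microsoft's aka.ms/GetSecureBoot playbook. It assumes an elevated PowerShell session on a UEFI Windows 10 or 11 install with the SecureBoot module, that drive letter S: is free for a temporary ESP mount, that the CA subject strings are Microsoft's published names for the 2011 and 2023 signing CAs, and that the TPM-WMI provider name, the AvailableUpdates registry value and the Secure-Boot-Update task path follow Microsoft's servicing documentation; confirm those against the playbook before relying on them.

```powershell
# Added example: not from the AMA or from Microsoft's playbook at aka.ms/GetSecureBoot.
# Assumptions: elevated PowerShell on a UEFI Windows 10/11 install with the SecureBoot module;
# S: is free for a temporary ESP mount; the CA subject names are Microsoft's published names for
# the 2011 and 2023 signing CAs; the TPM-WMI provider name, the AvailableUpdates registry value
# and the Secure-Boot-Update task path follow Microsoft's servicing documentation and should be
# confirmed there before you rely on them.

$Db2011  = 'Microsoft Windows Production PCA 2011'
$Db2023  = 'Windows UEFI CA 2023'
$Kek2023 = 'Microsoft Corporation KEK 2K CA 2023'
$EventMeaning = @{   # meanings as described in the AMA
    1801 = 'Tracked; update needed; more data required'
    1802 = 'Firmware-level issue (typical cause of a temporarily paused bucket)'
    1803 = 'KEK not applied: no PK-signed KEK payload available'
}

function Get-UefiVariableText([string]$Name) {
    # db/KEK hold DER certificates whose subject CN is plain ASCII, so a substring match is a
    # sufficient presence check (it does not validate the certificate itself).
    try { [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI -Name $Name -ErrorAction Stop).Bytes) }
    catch { '' }   # legacy BIOS, or firmware that does not expose the variable
}

function Get-BootManagerIssuer([string]$EspLetter = 'S') {
    # Expose the EFI System Partition just long enough to read the installed boot manager.
    $esp = "${EspLetter}:"
    $mountedHere = -not (Test-Path -LiteralPath "$esp\")
    if ($mountedHere) { & mountvol $esp /s | Out-Null }
    try {
        $sig = Get-AuthenticodeSignature -FilePath (Join-Path $esp 'EFI\Microsoft\Boot\bootmgfw.efi')
        # The leaf certificate is "Microsoft Windows"; the CA that must be present in DB is its issuer.
        # Chain status is deliberately ignored here: this classifies the signer, it does not validate it.
        if ($sig.SignerCertificate) { $sig.SignerCertificate.Issuer } else { '' }
    } finally {
        if ($mountedHere) { & mountvol $esp /d | Out-Null }
    }
}

function Get-SecureBootTrustState {
    $db  = Get-UefiVariableText 'db'
    $kek = Get-UefiVariableText 'KEK'
    $issuer = Get-BootManagerIssuer
    $dbHas2011  = $db  -match [regex]::Escape($Db2011)
    $dbHas2023  = $db  -match [regex]::Escape($Db2023)
    $kekHas2023 = $kek -match [regex]::Escape($Kek2023)

    # Certificate verdict per the session's guidance: 2023 DB present is acceptable, 2023 KEK completes it.
    $certVerdict = if ($dbHas2023 -and $kekHas2023) { 'Complete: 2023 DB and KEK present' }
                   elseif ($dbHas2023) { 'Partial: 2023 DB present, KEK still 2011; boots securely but will miss future DBX revocations' }
                   else { 'Not updated: 2023 DB certificate missing' }

    # Re-enable verdict: the installed boot manager must be signed by a CA that is in DB,
    # otherwise turning Secure Boot on in UEFI produces a machine that does not boot.
    $bootVerdict = if (-not $issuer) { 'Boot manager signature unreadable; investigate before enabling Secure Boot' }
                   elseif ($issuer -match [regex]::Escape($Db2023) -and -not $dbHas2023) { 'UNSAFE to enable: 2023-signed boot manager but DB lacks the 2023 CA' }
                   elseif ($issuer -match [regex]::Escape($Db2011) -and -not $dbHas2011) { 'UNSAFE to enable: 2011-signed boot manager but DB lacks the 2011 CA' }
                   else { 'OK: boot manager issuer is present in DB' }

    [pscustomobject]@{
        SecureBootEnabled  = $(try { Confirm-SecureBootUEFI } catch { $false })
        DbHas2011 = $dbHas2011; DbHas2023 = $dbHas2023; KekHas2023 = $kekHas2023
        BootManagerIssuer  = $issuer
        CertificateVerdict = $certVerdict
        ReenableVerdict    = $bootVerdict
    }
}

function Get-SecureBootServicingState([int]$Days = 30) {
    $reg  = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot' -Name AvailableUpdates -ErrorAction SilentlyContinue
    $task = Get-ScheduledTask -TaskPath '\Microsoft\Windows\PI\' -TaskName 'Secure-Boot-Update' -ErrorAction SilentlyContinue
    $events = Get-WinEvent -FilterHashtable @{
                  LogName = 'System'; ProviderName = 'Microsoft-Windows-TPM-WMI'
                  Id = 1801, 1802, 1803; StartTime = (Get-Date).AddDays(-$Days)
              } -ErrorAction SilentlyContinue |
              Sort-Object TimeCreated -Descending |
              Select-Object TimeCreated, Id, @{ n = 'Meaning'; e = { $EventMeaning[[int]$_.Id] } }
    [pscustomobject]@{
        AvailableUpdates = if ($null -eq $reg) { '(not set)' } else { '0x{0:X}' -f $reg.AvailableUpdates }
        TaskState        = if ($task) { $task.State } else { '(task not found)' }
        RecentEvents     = $events
    }
}

Get-SecureBootTrustState | Format-List
$svc = Get-SecureBootServicingState
$svc | Select-Object AvailableUpdates, TaskState | Format-List
$svc.RecentEvents | Format-Table -AutoSize
```

Run it on the one representative device you pick per model or firmware variant before and after pushing the policy: a 1803 event alongside "Partial" in CertificateVerdict is the KEK-only failure the team described, while an "UNSAFE to enable" ReenableVerdict on a machine with Secure Boot off is the no-boot case to resolve (by installing the 2023 DB certificate per the playbook) before touching the UEFI setting.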

For everything mentioned in the session, Microsoft's central resource is aka.ms/GetSecureBoot, which has the full playbook, diagnostic scripts, OEM firmware links, and detailed documentation for both home users and enterprise IT. The Intune monitoring report for Secure Boot is at the link that was shared during the session. Scripts shipped with the May update are in the System32 folder and are also documented on that same page.

Given that HP's firmware issues and wider Secure Boot failures have already shown how quickly this can go sideways, Microsoft's "test one first" advice is the safest path to getting a large fleet updated before the KEK stops being useful for signing future security revocations. Microsoft also reiterated that the Driver Quality Initiative it announced at WinHEC 2026 is part of a broader commitment to prevent these kinds of ecosystem-wide disruptions in the future, though for now the Secure Boot deadline remains imminent.
