Microsoft is rolling out new Secure Boot certificates through Windows updates to replace the original ones expiring in June 2026. This update enhances security by ensuring that only trusted software can load during startup. Devices on unsupported Windows versions won’t receive these updates and will enter a "degraded security state."

Microsoft has resolved a boot issue affecting Linux on dual-boot systems with Secure Boot enabled after the August 2024 Windows security updates. The problem stemmed from an incorrectly applied Secure Boot Advanced Targeting update, which has now been fixed in the May 2025 Patch Tuesday updates. Users are advised to update their devices to incorporate this resolution.

Researchers have identified two Secure Boot exploits, with Microsoft addressing only one in its latest security update. The patched vulnerability, affecting over 50 device manufacturers, allows attackers with physical access to disable Secure Boot and potentially install malware before the operating system loads. The exploit's root cause lies in a critical vulnerability in firmware flashing tools used by DT Research, which were improperly authenticated for wider device compatibility.