Need New Boost Trust Certificate for Dell XPS 9360 Laptop

My Dell XPS 9360 laptop with an 8th gen Intel CPU running Windows 11 needs the updated Boot Trust Certificate. Everything is up to date including the BIOS from Dell (dated June 2022). Will Microsoft still rollout the updated certificate or do I force the update manually?

Your PC is unsupported (too old) for the normal Secure Boot CA 2023 migration.

It's possible for the factory Secure Boot certs to be deleted, which allows a replacement set of Windows OEM certs (provided by MS) to be installed. There's an update script for this process, but it requires you to navigate the BIOS setup screens (depends on your Dell model) to perform the manual deletion steps.

Before doing anything, explore the BIOS menus. Under Secure Boot options:

Yes to both questions.. Should I do this?

Here are the instructions to follow:

1. Confirm BitLocker is not enabled on system drive, and you're not using Windows Hello PIN for logon. Disable both of them if enabled. Otherwise you may be asked to provide the recovery key or password for BitLocker.

2. Disable Secure Boot mode.

3. Change from Standard Mode to Custom Mode.

4. Delete all Secure Boot keys. If this process doesn't work, you can always choose reset to (Secure Boot) factory defaults.

5. Restart Windows. Download the update script from this thread:
garlin's PowerShell scripts for updating Secure Boot CA 2023

6. Run the update script: