Updating Microsoft Secure Boot keys before expiration in June 2026




UPDATE 4/02:

UPDATE 2/10:

Official OEM Secure Boot guides​

If your computer still shows a yellow or red warning in the Windows Security app, or you simply want to verify that your device has received the new 2023 Secure Boot certificates, check your manufacturer’s official support page.

 Windows IT Pro Blog:

Secure Boot playbook for certificates expiring in 2026

The first set of tools and steps are now available to help you proactively update your Secure Boot certificates before they expire in June of 2026.

Secure Boot is more mature and robust today than it was some years ago. Coupled with the Unified Extensible Firmware Interface (UEFI) firmware signing process, Secure Boot uses cryptographic keys, known as certificate authorities (CAs), to validate that firmware modules come from a trusted source. This helps prevent malware from running early in the startup sequence of a Windows device.

Secure Boot certificates have always had expiration dates. New certificates help ensure that your devices stay up to date with the latest security protections. That is why your organization will need to install the 2023 CAs before the 2011 CAs start expiring in June of 2026.

Note: Need a refresher on why updating Secure Boot certificates is so important?
Many Windows PCs manufactured since 2024 already have the updated 2023 certificates. For the remaining devices, Microsoft is delivering new Secure Boot certificates through Windows monthly updates, with partner original equipment manufacturers (OEMs) making firmware updates available to help ensure compatibility.

If you wish to proactively update your Secure Boot certificates, this post contains initial steps you can take and tools you can use, with more scalable approaches coming soon. At a minimum, we encourage you to monitor the progress of your device fleet from the start.

Let’s get started. Here’s a summary of what you can do today to prepare:
  • Step 1: Inventory and prepare your environment
  • Step 2: Monitor and check your devices for Secure Boot status
  • Step 3: Apply OEM firmware updates before Microsoft updates
  • Step 4: Plan and pilot Secure Boot certificate deployments
  • Step 5: Troubleshoot and remediate common issues

Step 1: Inventory and prepare your environment​

For most devices in your organization, Microsoft will automatically update high-confidence devices via Windows Update. However, you can validate and actively roll out these updates, in which case, you would start by conducting an inventory.

Inventory

Most devices manufactured since 2012 have Secure Boot enabled, but you should always verify that. You should also check the status of the Secure Boot certificates with sample inventory PowerShell commands or by checking the value of the UEFICA2023Status registry key (it should ultimately be “updated”). Out of the devices that show up as not updated, build a small, representative sample. We recommend that you focus on the less common devices, for which high confidence determination isn’t automatic. Then follow the rest of the steps outlined in this post to pilot the certificate updates and help ensure that deployment is successful

Prepare select devices

To prepare devices for Secure Boot certificate deployment, consider how you’ll manage it. There are several approaches to managing Secure Boot certificate updates. Today, you can use registry keys or Group Policy. A Configuration Service Provider (CSP) for mobile device management (MDM), such as Microsoft Intune, is coming soon. Bookmark Windows Secure Boot certificate expiration and CA updates - Microsoft Support for the latest updates.
  1. The primary method is to deploy the certificates to devices that have been validated as ready for the update. See Step 4 when you’re ready to deploy these updates!
  2. For the more common device configurations in your environment, you can utilize two “assists” to manage your deployment:
    • Get new certificates through monthly Windows updates for high-confidence devices. This option is enabled by default for devices that are ready for new certificates. Microsoft will update these devices for you unless you opt out. To opt out, set the HighConfidenceOptOut registry key<a href="Secure Boot playbook for certificates expiring in 2026 - Windows IT Pro Blog" target="_self" rel="nofollow noopener noreferrer">ii</a> value to 1 or set the Automatic Certificate Deployment via Updates Group Policy to Disabled.
    • Opt devices in to Microsoft-managed controlled feature rollout. With registry keys, set the value of MicrosoftUpdateManagedOptIn to 1 to opt in to Microsoft-managed controlled feature rollout. The value of 0 or non-existent key means that you’re opted out. With Group Policy, configure the Certificate Deployment via Controlled Feature Rollout policy to Enabled. Note: To opt in, please configure devices to share required diagnostic data with Microsoft.
Important: All Secure Boot registry keys are under these two paths:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\Servicing


See Registry key updates for Secure Boot: Windows devices with IT-managed updates for more details.

Group Policy settings are available to you under the following path: Computer Configuration > Administrative Templates > Windows Components > Secure Boot. To get the updates that include the Group Policy for deploying Secure Boot certificate updates, download the latest Administrative Templates (.admx) for Windows 11 and Windows Server.

Step 2: Monitor and check your devices for Secure Boot status​

Check the Secure Boot status of your devices before and after deployment. Soon, you will be able to use your preferred management and reporting tools. For now, you can use registry keys or Windows Event Log events to identify which devices already have new certificates and which ones need attention.

Deployment progress

The text value of the UEFICA2023Status registry key will indicate if your certificate deployment status is not started, in progress, or updated. The value will change progressively until all new certificates and the new boot manager have been deployed successfully.

Successful deployment
  • Audit the Windows System Event Log events for Event ID 1808. This informational event indicates that the device has the required new Secure Boot certificates applied to the device’s firmware.
  • Audit the UEFICA2023Error registry key for issues. This key should not exist unless an error is pending.
  • Check that the text value of the UEFICA2023Status registry key reads as “Updated.”
Errors during deployment
  • Audit the Windows System Event Log for Event ID 1801.This error event indicates that the updated certificates have not been applied to the device. Analyze details specific to the device, including device attributes, that will help you in correlating which devices still need updating.
  • Check if the UEFICA2023Error registry key exists. If so, it indicates an error in certificate deployment. The error itself won’t appear in the Event Log. Trace related issues through Secure Boot DB and DBX variable update events.

Step 3: Apply OEM firmware updates before Microsoft updates​

Updated firmware can help prevent compatibility problems and ensure new Secure Boot certificates are accepted. If your organization has identified Secure Boot update issues or your OEM recommends a firmware update, apply the latest BIOS/UEFI update before installing Secure Boot–related Windows updates.

Some OEMs provide firmware updates that include important fixes and updated certificate stores. These updates help Secure Boot function correctly with new Windows certificates. Microsoft works closely with OEM partners to ensure these updates integrate smoothly with Windows.

Step 4: Plan and pilot Secure Boot certificate deployments​

As you’ve seen in Step 1, Microsoft can assist with your Secure Boot updates if you enable diagnostic data.

You can also deploy new Secure Boot certificates yourself for devices that don’t already have them. Choose a way to do this with registry keys, via Windows Configuration System (WinCS) command-line interface (CLI), or using Group Policy today. Pilot your desired method first on a representative set of devices to gain confidence.

In a typical enterprise deployment, whatever option you choose, allow approximately 48 hours and one or more restarts after changing configuration for updates to fully apply. See How updates are deployed for more details. For testing scenarios, you can accelerate the experience by following the steps outlined in Device Testing Using Registry Keys.

Important: Avoid mixing deployment methods on the same device. For additional technical recommendations to help you plan and deploy your Secure Boot updates, see Deployment strategies.

Option 1: Deploy certificates with registry keys​

Find the AvailableUpdates registry key located under this registry path:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot

Set its value to 0x5944 to deploy all needed certificates and update to the Windows UEFI CA 2023 signed boot manager. This key corresponds to the Group Policy setting Enable Secure Boot certificate deployment. For details, see Registry key updates for Secure Boot: Windows devices with IT-managed updates.

Option 2: Deploy certificates via Windows Configuration System (WinCS)​

New command-line tools are now available for domain-joined clients on Windows 11, versions 25H2, 24H2, and 23H2.

These include both a traditional executable and a PowerShell module to query and apply Secure Boot configurations locally to a device. For step-by-step guidance, see Windows Configuration System (WinCS) APIs for Secure Boot.

Deploy the Secure Boot updates via WinCS:
  • Feature name: Feature_AllKeysAndBootMgrByWinCS
  • WinCS key value: F33E0C8E002
  • Secure Boot configuration state: Enabled

Option 3: Deploy certificates using Group Policy​

Group Policy settings are available by navigating to Computer Configuration > Administrative Templates > Windows Components > Secure Boot.

To apply Secure Boot updates to devices using Group Policy, set the Enable Secure Boot certificate deployment policy to Enabled. This lets Windows automatically begin the certificate deployment process. This setting corresponds to the registry key AvailableUpdates.

Be sure to get the latest version of the .admx for Windows 11 and Windows Server. For more details, see Group Policy Objects (GPO) method of Secure Boot for Windows devices with IT-managed updates.

Option 4: Deploy certificates using mobile device management (coming soon)​

Soon, you’ll be able to manage Secure Boot updates using MDM solutions, such as Microsoft Intune. When this method is available, we will post updated guidance at Windows Secure Boot certificate expiration and CA updates - Microsoft Support.

Step 5. Troubleshoot and remediate common issues​

You can also use registry keys and Windows Event Log events to identify and resolve common issues:
  • The UEFICA2023Error registry key doesn’t exist if there are no errors. If it exists with a value other than 0, check your remediation recommendations in Secure Boot DB and DBX variable update events.
  • The AvailableUpdates registry key on a device is set to 0x4104. If it doesn’t clear the 0x0004 bit even after multiple restarts, the device doesn’t progress past deploying the new Key Exchange Key (KEK) certificate. If you encounter this error, check with your OEM to confirm they have followed the steps outlined in Windows Secure Boot Key Creation and Management Guidance.
  • If Event Viewer Windows Logs for System registers an Event ID 1795, it means that there was an error when Windows attempted to hand off the certificates to firmware. Check with the OEM to see if there is a firmware update available for the device to resolve this issue.

Your update strategy begins today​

Today, you can start preparing, monitoring, deploying, and troubleshooting Secure Boot certificates in advance of the June 2026 expiration date. The new registry keys, WinCS, Group Policy, and Windows Log tools are here to support you and are just the beginning. More tools for additional scenarios are in development.

For the latest information, bookmark Windows Secure Boot certificate expiration and CA updates. Looking for a specific topic?

 Source:





 Windows IT Pro Blog:

Updating Microsoft Secure Boot keys​

Microsoft, in collaboration with our ecosystem partners, is preparing to roll out replacement certificates that’ll set new Unified Extensible Firmware Interface (UEFI) Certificate Authorities (CAs) trust anchors in Secure Boot for the future. Look out for Secure Boot database updates rolling out in phases to add trust for the new database (DB) and Key Exchange Key (KEK) certificates. This new DB update is available as an optional servicing update for all Secure Boot enabled devices from February 13, 2024.

What is Secure Boot?​

Secure Boot is a security feature in the UEFI that helps ensure that only trusted software runs during the system’s boot sequence. It works by verifying the digital signature of any software against a set of trusted digital keys stored in the UEFI. As an industry standard, UEFI’s Secure Boot defines how platform firmware manages certificates, authenticates firmware, and how the operating system (OS) interfaces with this process. For more details on UEFI and Secure Boot, please refer to this article.

Secure Boot was first introduced to Windows systems with the Windows 8 release to protect against the emerging pre-boot malware (bootkit) threat at that time. Since then, Secure Boot has continued to be a part of Microsoft's Trusted Boot security architecture. Secure Boot authenticates modules such as UEFI firmware drivers, bootloaders, applications, and option ROMs (Read-Only Memory), which are firmware run by the PC BIOS during platform initialization, before they are all executed. As the final step of the Secure Boot process, the firmware verifies the Windows boot loader is trusted by Secure Boot and then passes control to the boot loader which in turn verifies, loads into memory, and launches Windows. This process coupled with the UEFI firmware signing process helps to ensure that only verified code executes before Windows, preventing attackers from utilizing the boot path as an attack vector. To learn more about how Secure Boot fits in with the overall Windows chip-t-cloud security, please refer to the Windows Security Book RWMyFE.

Trust and authenticity in Secure Boot are built using the Public-Key Infrastructure (PKI). This establishes a certificate management system which utilizes CAs to store digital certificates. These CAs, consisting of Original Equipment Manufacturer (OEM) or their delegates and Microsoft, generate key pairs that form the root of trust of a system.

bS00MDU1MzI0LTU1MTA0OWlGOEI2MDY4MzMyRDJDNzBC


Secure Boot “root of trust”: Setting trust anchors for the future​

Secure Boot’s root of trust utilizes a hierarchical system, where the Platform Key (PK) is typically managed by the OEM and used to sign updates to the KEK database. The KEK in turn signs updates to both the Allowed Signature DB and the Forbidden Signature Database (DBX).

The Secure Boot Allowed Signature DB and the DBX are integral to the functionality of Secure Boot. Bootloader modules’ signing authority must be allowlisted by the Secure Boot DB, while the DBX is used for revoking previously trusted boot components. Updates to the DB and DBX must be signed by a KEK in the Secure Boot KEK database.

The configuration of Secure Boot DB and KEK for Windows devices has remained the same since Windows 8. Microsoft requires every OEM to include the same three certificates managed by Microsoft for Windows and in support of the third-party hardware and OS ecosystem. These include the Microsoft Corporation KEK CA 2011 stored in the KEK database, and two certificates stored in the DB called the Microsoft Windows Production PCA 2011, which signs the Windows bootloader, and the Microsoft UEFI CA 2011 (or third-party UEFI CA), which signs third-party OS and hardware driver components.

All three of these Microsoft certificates expire in 2026. So, in collaboration with our ecosystem partners, Microsoft is preparing to roll out replacement certificates that will set new UEFI CA trust anchors for the future. Microsoft will be rolling out Secure Boot database updates in phases to add trust for the new DB and KEK certificates. The first DB update will add the Microsoft Windows UEFI CA 2023 to the system DB. The new Microsoft Windows UEFI CA 2023 will be used to sign Windows boot components prior to the expiration of the Windows Production CA 2011. This DB update will be optional for the February 2024 servicing and preview updates, and can be manually applied to devices. Microsoft will slowly roll out this DB update as we validate devices and firmware compatibility globally. The full DB update’s controlled-rollout process to all Windows customers will begin during the 2024 April servicing and preview updates, ahead of the certificate expiration in 2026. Meanwhile, efforts to update the Microsoft UEFI CA 2011 (aka third-party UEFI CA) and Microsoft Corporation KEK CA 2011 will begin late 2024, and will follow a similar controlled rollout process as this DB update.

While Microsoft has frequently performed DBX updates globally since the inception of Secure Boot, this will be the first DB update performed on such a large scale. We’re actively collaborating with our OEM partners to identify and address bugs in firmware implementation that could result in unbootable systems or render a device unreceptive to the DB update. To ensure a successful rollout, devices with identified issues will be suspended from receiving the update until a fix is released.

Microsoft is taking a very deliberate and cautious approach to rolling out this update. With this DB update, Microsoft will sustain its ability to service all Windows devices’ boot components.

Guidance to manually apply DB update​

The DB update is available on February 13, 2024, along with manual steps to allow customers to test for firmware compatibility, especially for organizations with fleets of devices. If you would like to manually apply the DB update to validate that your system is compatible, please read the following instructions. These actions should be completed with non-critical hardware representing devices in your environment.

Pre-requisite checks​

Before attempting the DB update, please ensure to perform the necessary pre-requisite checks:
  1. If you intend to manually apply this update to a large group of devices, we advise that you begin by rolling out to individual devices with the same firmware and specifications first to minimize the risks in the case of firmware bugs in your devices.
  2. Please verify that your UEFI firmware version is the most recent available version by your firmware vendor or OEM.
  3. For data backup steps, please refer to this guide.
  4. If you use BitLocker or if your enterprise has deployed BitLocker on your machine, ensure to backup BitLocker Keys:


    A) See this portal to ensure your BitLocker keys are backed up before your next reboot for your selfhost device. In the unlikely event that device becomes inoperable after receiving the update, the hard drive can still be unlocked.

    B) If the keys are backed up, the UI should resemble the following:

    bS00MDU1MzI0LTU1MTA1MGk5NzY0QzRENjdBQkYwRkE2


    C) If the keys are not backed up, please open Windows Search to search for “Manage BitLocker” and select Back up your recovery key followed by Save to your Azure AD or MSA account.

    bS00MDU1MzI0LTU1MTA1MWlEQkZDQTZDNDBDOEQwNzMy


    bS00MDU1MzI0LTU1MTA1Mmk5QjE2MDRBRTAyMUE1MDQ5


    bS00MDU1MzI0LTU1MTA1M2k2MzgxMUE1NEQ5NjEzREE4
For users that use a local account instead of an Azure Active Directory (AAD) or Microsoft account (MSA), you can print your recovery password, save to a file, and store it in a secure location.


 Formal DB update steps

  1. Apply the February 2024 (or later) security update.
  2. Open a PowerShell console and ensure that PowerShell is running as an administrator before running the following commands:
    1. Set the registry key to:

      Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot" -Name "AvailableUpdates" -Value 0x40
    2. Run the following scheduled task as:

      Start-ScheduledTask -TaskName "\Microsoft\Windows\PI\Secure-Boot-Update"
  3. Reboot the machine twice after running these commands to confirm that the machine is booting with the updated DB.
  4. To verify that the Secure Boot DB update was successful, open a PowerShell console and ensure that PowerShell is running as an administrator before running the following command:

    [System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match ‘Windows UEFI CA 2023’

    bS00MDU1MzI0LTU1MTA1NGlGNjJBRDlDRTNCRDJCQTIw
If the command returns “True”, the update was successful. In the case of errors while applying the DB update, please refer to the article, KB5016061: Addressing vulnerable and revoked Boot Managers.


 Source:


See also:
 
Last edited:

My Computer My Computer

At a glance

Windows 11Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz16684 MBIntel(R) UHD Graphics 630
OS
Windows 11
Computer type
PC/Desktop
Manufacturer/Model
HP Pavilion Desktop 590-p0xxx
CPU
Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz
Motherboard
843B 00
Memory
16684 MB
Graphics Card(s)
Intel(R) UHD Graphics 630
Sound Card
Realtek High Definition Audio
Monitor(s) Displays
HP 22fw 22-inch Display
Screen Resolution
1920 x 1080
Hard Drives
SSD 931 GB
HDD 1863.01 GB
Case
Tower
Cooling
Fan
Keyboard
HP
Mouse
HP
Internet Speed
550 Mbps down, 47 Mbps up
Browser
Edge
Antivirus
MS Defender, Malwarebytes
@Marcus Vinicus

Thanks for your comment.

Could you let us know please if you have Secure Boot on or off after installing these revocation files ?

Clearly you no issue with normal booting. Does that now include any USB boot for image recovery ?
 

My Computer My Computer

At a glance

Windows 11Intel i5 10210U16GbIntel UHD
OS
Windows 11
Computer type
Laptop
Manufacturer/Model
HP 15s_du1xxx
CPU
Intel i5 10210U
Motherboard
85F1
Memory
16Gb
Graphics Card(s)
Intel UHD
Sound Card
Realtek
Screen Resolution
1920 x 1080
I have no intention of doing this manual update and assume it will eventually be implemented via Windows Update.
 
Last edited:

My Computer My Computer

At a glance

Windows 11 ProCore i7-13700K64 GB Kingston Fury Beast DDR5Gigabyte GeForce RTX 2060 Super Gaming OC 8G
OS
Windows 11 Pro
Computer type
PC/Desktop
Manufacturer/Model
Self build
CPU
Core i7-13700K
Motherboard
Asus TUF Gaming Plus WiFi Z790
Memory
64 GB Kingston Fury Beast DDR5
Graphics Card(s)
Gigabyte GeForce RTX 2060 Super Gaming OC 8G
Sound Card
Realtek S1200A
Monitor(s) Displays
Viewsonic VP2770 & Dell (secondary)
Screen Resolution
2560 x 1440
Hard Drives
Kingston KC3000 2TB NVME SSD & SATA HDDs & SSD
PSU
EVGA SuperNova G2 850W
Case
Nanoxia Deep Silence 1
Cooling
Noctua NH-D14
Keyboard
Microsoft Digital Media Pro
Mouse
Logitech Wireless
Internet Speed
80 Mb / s
Browser
Chrome
Antivirus
Defender, Malwarebytes Free & AdwCleaner
I did a test with running this DB update with secure boot off. Result just shows it failed. So it will fail, obviously, in WU if you're running with secure boot off when the automatic update appears.
Updated boot media boot ok.
 

My Computers My Computers

  • At a glance

    Win 11 ProAMD Ryzen™ 7 7730U24GB Dual-Channel DDR4 @ 1596MHz (22-22-22-52)512MB ATI AMD Radeon Graphics (ASUStek Comput...
    OS
    Win 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Vivobook
    CPU
    AMD Ryzen™ 7 7730U
    Motherboard
    M1605YA
    Memory
    24GB Dual-Channel DDR4 @ 1596MHz (22-22-22-52)
    Graphics Card(s)
    512MB ATI AMD Radeon Graphics (ASUStek Computer Inc)
    Monitor(s) Displays
    Generic PnP Monitor (1920x1200@60Hz) - P1 PLUS (1920x1080@59Hz)
    Screen Resolution
    1920 X 1200
    Hard Drives
    953GB Western Digital WD
    PSU
    45 Watts
    Mouse
    Lenovo Bluetooth.
    Internet Speed
    500 Mbps
    Browser
    Edge
    Antivirus
    Defender
  • At a glance

    Windows 11AMD Ryzen 7 5800H / 3.2 GHz32 GB DDR4 SDRAM 3200 MHzNVIDIA GeForce RTX 3060 6 GB GDDR6 SDRAM
    Operating System
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    ACER NITRO
    CPU
    AMD Ryzen 7 5800H / 3.2 GHz
    Motherboard
    CZ Scala_CAS (FP6)
    Memory
    32 GB DDR4 SDRAM 3200 MHz
    Graphics card(s)
    NVIDIA GeForce RTX 3060 6 GB GDDR6 SDRAM
    Sound Card
    Realtek Audio. NVIDIA High Definition Audio
    Monitor(s) Displays
    15.6" LED backlight 1920 x 1080 (Full HD) 144 Hz
    Screen Resolution
    1920 x 1080 (Full HD)
    Hard Drives
    Samsung 970 Evo Plus 2TB NVMe M.2
    PSU
    180 Watt, 19.5 V
    Mouse
    Lenovo Bluetooth
    Internet Speed
    500 Mbps
    Browser
    Edge
    Antivirus
    Defender
I checked my desktop PC (see specs below) to see if the two boot USBs I've created work with Secure Boot enabled in the Asus UEFI bios. Also updates listed at the top of this thread completed.

The two USBs are one created in Rufus (NTFS) and the other created using the Windows Media Creation Tool (FAT32).

Both show up in the Boot Menu of the UEFI Bios and work.

Boot priority.png
 

My Computers My Computers

  • At a glance

    Windows 11 Pro 25H2Intel Core i9 13900KCorsair Dominator Platinum 64gb 5600MT/s DDR5...Sapphire NITRO+ AMD Radeon RX 7900 XTX Vapor-...
    OS
    Windows 11 Pro 25H2
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homebuilt
    CPU
    Intel Core i9 13900K
    Motherboard
    Asus ProArt Z790 Creator WiFi - Bios 3107
    Memory
    Corsair Dominator Platinum 64gb 5600MT/s DDR5 Dual Channel
    Graphics Card(s)
    Sapphire NITRO+ AMD Radeon RX 7900 XTX Vapor-X 24GB
    Sound Card
    External DAC: Cambridge Audio DACMagic200M - Headphone Amp: Topping L50
    Monitor(s) Displays
    Panasonic MX950 Mini LED 55" TV 120hz
    Screen Resolution
    3840 x 2160 120hz
    Hard Drives
    Samsung 980 Pro 2TB (OS)
    Samsung 980 Pro 1TB (Files)
    Lexar NZ790 4TB
    LaCie d2 Professional 6TB external - USB 3.1
    Seagate Expansion 16TB external - USB 3.2
    Seagate One Touch 18TB external HD - USB 3.0
    PSU
    Corsair RM1200x Shift
    Case
    Corsair RGB Smart Case 5000x (white)
    Cooling
    Corsair iCue H150i Elite Capellix XT
    Keyboard
    Incase Ergonomic USB (Microsoft clone)
    Mouse
    Logitech MX Master 3S
    Internet Speed
    Fibre 900/500 Mbps
    Browser
    Microsoft Edge Chromium
    Antivirus
    Bitdefender Total Security
    Other Info
    AMD Radeon Software & Drivers 26.1.1
    Hasleo Backup Suite
    Dashlane password manager
    Kensington Verimark fingerprint reader
    Logitech Brio 4K webcam
    Orico 10-port powered USB 3.0 hub
  • At a glance

    Windows 11 Pro 25H2Intel® Core™ i9-13900H32GB DDR4-3200 Dual channel*Intel Iris Xᵉ Graphics G7
    Operating System
    Windows 11 Pro 25H2
    Computer type
    Laptop
    Manufacturer/Model
    Asus Vivobook X1605VA
    CPU
    Intel® Core™ i9-13900H
    Motherboard
    Asus X1605VA bios 309
    Memory
    32GB DDR4-3200 Dual channel
    Graphics card(s)
    *Intel Iris Xᵉ Graphics G7
    Sound Card
    Realtek | Intel SST Bluetooth & USB
    Monitor(s) Displays
    16.0-inch, WUXGA 16:10 aspect ratio, IPS-level Panel
    Screen Resolution
    1920 x 1200 60hz
    Hard Drives
    512GB M.2 NVMe™ PCIe® 3.0 SSD
    Mouse
    Logitech MX Ergo Trackball
    Antivirus
    Bitdefender Total Security
    Other Info
    720p Webcam
    WiFi & USB to ethernet
we install this new key, install the latest linux/windows11 builds signed with the new key, then 2026 comes around and our laptops will keep working, great

but current desktop gpu firmware is signed by the old key, i really doubt oems will issue firmware updates for current gpus either, not great

are there any GPUs currently on the market co-signed with the new key? am i correct in assuming all current GPUs will be blocked from booting by secure boot in 2026?
 

My Computer My Computer

At a glance

10
OS
10
Did it without issues on a 1st try reboot...
1710097816621.png
 

My Computer My Computer

At a glance

Win11 Insider[Always the latest Dev/Beta rele...AMD Ryzen 7 4800H with Radeon GraphicsG.SKILL [Samsung Die] DRR4 - 3200Mhz CL18 (18...nVidia GTX 1660ti GDDR6 6GB(90W) 2.02Ghz Core...
OS
Win11 Insider[Always the latest Dev/Beta releases]
Computer type
Laptop
Manufacturer/Model
Asus TUF Gaming FA506IU Laptop
CPU
AMD Ryzen 7 4800H with Radeon Graphics
Motherboard
AMD K17.6 FCH, AMD K17.6 IMC
Memory
G.SKILL [Samsung Die] DRR4 - 3200Mhz CL18 (18-19-19-36) - 32GB(16GBx2)
Graphics Card(s)
nVidia GTX 1660ti GDDR6 6GB(90W) 2.02Ghz Core & +548Mhz Mem-OC'ed [VBIOS Unlocked]
Sound Card
Realtek ALC256 @ AMD K17.6
Monitor(s) Displays
LM156LF-2F03 144HZ with Adaptive SYNC
Screen Resolution
1920x1080 - 144Hz
Hard Drives
WDC PC SN530 SDBPNPZ-256G-1002 + SHGP31-500GM-2 + ST1000LM035-1RK172 + Samsung SSD 870 QVO 1TB 1000.2 GB
PSU
ASUS Power Brick 180W
Case
Laptop Case with Dual Fan
Cooling
Dual Fans Design with Self-Cleaning Cooling
Keyboard
Asus Aura RGB with Overstroke technology
Mouse
ROG SICA Gaming Mouse
Internet Speed
100Mbps FiberOptic [100 Mbps Down - 50 Mbps Up]
Browser
Chrome/Firefox/Tor
Antivirus
Symantec Endpoint Protection with Windows Defender (Active Mode) + Custom DNS Server
Other Info
CPU with -15 Curve Optimizer all cores and -50 Cure optimizer on iGPU
BCLK OC to 101.6Mhz
Benchmark Scores:-
CineBench R23 Single core:- 1290 points
CineBench R23 Multi core:- 11111 points
There are several threads on this now...but I'll admit I'm confused. I have the Windows UEFI CA 2023 updated as above. However, it is my understanding that you also need to get the KEK and PCA certificates updated as well. Can someone please post safe/detailed instructions for those? Likewise, I've seen some screenshots of a "Microsoft UEFI 2023) certificated as well (i.e. Microsoft...not just Windows). Thanks.
 

My Computers My Computers

  • At a glance

    Windows 11Intel i7-7700K32GB 2666Mhz (Kingston Hyper X Fury)Asus Nvidia 1050Ti
    OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Intel i7-7700K
    Motherboard
    Asus Prime Z-270A
    Memory
    32GB 2666Mhz (Kingston Hyper X Fury)
    Graphics Card(s)
    Asus Nvidia 1050Ti
    Sound Card
    N/A
    Monitor(s) Displays
    Samsung C27F390
    Screen Resolution
    1920 x 1080
    Hard Drives
    1TB Western Digital SN770 (System) and 2TB Western Digital SN770 (Storage)
    Antivirus
    Windows Security
  • At a glance

    Windows 11 Homei9-11900H32GBIntegrated Intel and Nvidia 3050Ti
    Operating System
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Dell/XPS 15 9510
    CPU
    i9-11900H
    Motherboard
    Unknown
    Memory
    32GB
    Graphics card(s)
    Integrated Intel and Nvidia 3050Ti
    Sound Card
    Integrated (Realtek)
    Monitor(s) Displays
    None
    Screen Resolution
    1920 x 1200 (non-Touch)
    Hard Drives
    2TB SK Hynix P41 Platinum
    Antivirus
    Windows Security
I'm to the last step it seems. Secure boot is enabled, I have the certificates in my UEFI DB, and Windows is booting using the 2023 certificates. I think I just need to get the 2011 Certs into the DBX database to disable the 2011 certs and I'm done.

1758466570352.webp
 

My Computers My Computers

  • At a glance

    Win 11 Pro 25H2, Build 26200.8737Intel Core i5 1450064GB DDR4GeForce RTX 4060
    OS
    Win 11 Pro 25H2, Build 26200.8737
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 NVMe PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    Seagate 4TB Ironwolf, rotating HDD archive files
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • At a glance

    Win 11 Pro 25H2, Build 26200.8655Intel Core i5 1440032GB DDR5Intel 700 Embedded GPU
    Operating System
    Win 11 Pro 25H2, Build 26200.8655
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • Nimo N171 17" Laptop, (Intel i3-1215U, 16GB RAM, 2TB NVMe, Win11 Pro)
    Acemagic Vista Mini PC V1 (Intel N150, 16GB RAM, 1TB NVMe, Win11 Pro)
    HP ENVY h8-1540t, (24GB RAM, 2TB SSD, 2TB HDD, Win11 Pro)
I'm to the last step it seems. Secure boot is enabled, I have the certificates in my UEFI DB, and Windows is booting using the 2023 certificates. I think I just need to get the 2011 Certs into the DBX database to disable the 2011 certs and I'm done.
What command do you use to get that information? TIA
 

My Computer My Computer

At a glance

Windows 11 Pro 25H212th Gen Intel(R) Core(TM) i7-1255U (1.70 GHz16.0 GBIntel iRIS Xe
OS
Windows 11 Pro 25H2
Computer type
Laptop
Manufacturer/Model
HP 15s-fq5xxx
CPU
12th Gen Intel(R) Core(TM) i7-1255U (1.70 GHz
Memory
16.0 GB
Graphics Card(s)
Intel iRIS Xe
Screen Resolution
1920 x 1080
Hard Drives
Samsung SSD 512 GB
Mouse
Logitech Pebble
Internet Speed
500/50 Mb/sec
Browser
Chrome
Antivirus
Defender
What command do you use to get that information? TIA
It's a PowerShell script that I got here. Don't remember who posted it, but variations of it have been posted a few times.

I've attached the PowerShell script. To run it, I have a one-line batch file, let's assume the script is in C:\TEMP, here's the contents of the batch file:

powershell -nop -ep bypass -f "C:\TEMP\Check_EFIBootFileUpdated.ps1"
 

Attachments

My Computers My Computers

  • At a glance

    Win 11 Pro 25H2, Build 26200.8737Intel Core i5 1450064GB DDR4GeForce RTX 4060
    OS
    Win 11 Pro 25H2, Build 26200.8737
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 NVMe PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    Seagate 4TB Ironwolf, rotating HDD archive files
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • At a glance

    Win 11 Pro 25H2, Build 26200.8655Intel Core i5 1440032GB DDR5Intel 700 Embedded GPU
    Operating System
    Win 11 Pro 25H2, Build 26200.8655
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • Nimo N171 17" Laptop, (Intel i3-1215U, 16GB RAM, 2TB NVMe, Win11 Pro)
    Acemagic Vista Mini PC V1 (Intel N150, 16GB RAM, 1TB NVMe, Win11 Pro)
    HP ENVY h8-1540t, (24GB RAM, 2TB SSD, 2TB HDD, Win11 Pro)
It's a PowerShell script that I got here. Don't remember who posted it, but variations of it have been posted a few times.
Thanks for that, appreciate it.

This is mine after following the update instructions in the first post. Clearly different to yours so I dunno, think I'll just wait and hope it keeps booting after June next year.

Running build 26200.6584 Pro on a 2 and half year old HP Laptop btw

Screenshot 2025-09-24 073802.webp
 

My Computer My Computer

At a glance

Windows 11 Pro 25H212th Gen Intel(R) Core(TM) i7-1255U (1.70 GHz16.0 GBIntel iRIS Xe
OS
Windows 11 Pro 25H2
Computer type
Laptop
Manufacturer/Model
HP 15s-fq5xxx
CPU
12th Gen Intel(R) Core(TM) i7-1255U (1.70 GHz
Memory
16.0 GB
Graphics Card(s)
Intel iRIS Xe
Screen Resolution
1920 x 1080
Hard Drives
Samsung SSD 512 GB
Mouse
Logitech Pebble
Internet Speed
500/50 Mb/sec
Browser
Chrome
Antivirus
Defender
I checked my desktop PC (see specs below) to see if the two boot USBs I've created work with Secure Boot enabled in the Asus UEFI bios. Also updates listed at the top of this thread completed.

The two USBs are one created in Rufus (NTFS) and the other created using the Windows Media Creation Tool (FAT32).

Both show up in the Boot Menu of the UEFI Bios and work.
But have you revoked the 2011 cert for this computer?
If not revoked then that is why they all still work.
Will look like this if 2011 is revoked as it will be listed in the DBX.

Screenshot 2025-07-26 104702.webp
 

My Computer My Computer

At a glance

Windows 11 Pro
OS
Windows 11 Pro
That's where I am, just have to get the Microsoft Corporation UEFI CA 2011 banned and I think I'm set for the short term. I have secure boot enabled and no problems booting with the 2023 certificate.

1758669130926.webp
 

My Computers My Computers

  • At a glance

    Win 11 Pro 25H2, Build 26200.8737Intel Core i5 1450064GB DDR4GeForce RTX 4060
    OS
    Win 11 Pro 25H2, Build 26200.8737
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 NVMe PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    Seagate 4TB Ironwolf, rotating HDD archive files
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • At a glance

    Win 11 Pro 25H2, Build 26200.8655Intel Core i5 1440032GB DDR5Intel 700 Embedded GPU
    Operating System
    Win 11 Pro 25H2, Build 26200.8655
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • Nimo N171 17" Laptop, (Intel i3-1215U, 16GB RAM, 2TB NVMe, Win11 Pro)
    Acemagic Vista Mini PC V1 (Intel N150, 16GB RAM, 1TB NVMe, Win11 Pro)
    HP ENVY h8-1540t, (24GB RAM, 2TB SSD, 2TB HDD, Win11 Pro)
Your good like it is as it is revoked.
DBX list is UEFI Secure Boot Forbidden Signature Database.
 

My Computer My Computer

At a glance

Windows 11 Pro
OS
Windows 11 Pro
Your good like it is as it is revoked.
DBX list is UEFI Secure Boot Forbidden Signature Database.
I know, just want to get the Microsoft Corporation UEFI CA 2011 revoked as well, not sure how to do that.
 

My Computers My Computers

  • At a glance

    Win 11 Pro 25H2, Build 26200.8737Intel Core i5 1450064GB DDR4GeForce RTX 4060
    OS
    Win 11 Pro 25H2, Build 26200.8737
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14500
    Motherboard
    Gigabyte B760M G P WIFI
    Memory
    64GB DDR4
    Graphics Card(s)
    GeForce RTX 4060
    Sound Card
    Chipset Realtek
    Monitor(s) Displays
    LG 45" Ultragear, Acer 24" 1080p
    Screen Resolution
    5120x1440, 1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 3D NAND NVMe M.2 SSD (O/S)
    Silicon Power 2TB US75 NVMe PCIe Gen4 M.2 2280 SSD (backup)
    Crucial BX500 2TB 3D NAND (2nd backup)
    Seagate 4TB Ironwolf, rotating HDD archive files
    External off-line backup Drives: 2 NVMe 4TB drives in external enclosures
    PSU
    Thermaltake Toughpower GF3 750W
    Case
    LIAN LI LANCOOL 216 E-ATX PC Case
    Cooling
    Lots of fans!
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • At a glance

    Win 11 Pro 25H2, Build 26200.8655Intel Core i5 1440032GB DDR5Intel 700 Embedded GPU
    Operating System
    Win 11 Pro 25H2, Build 26200.8655
    Computer type
    PC/Desktop
    Manufacturer/Model
    Home Brew
    CPU
    Intel Core i5 14400
    Motherboard
    Gigabyte B760M DS3H AX
    Memory
    32GB DDR5
    Graphics card(s)
    Intel 700 Embedded GPU
    Sound Card
    Realtek Embedded
    Monitor(s) Displays
    27" HP 1080p
    Screen Resolution
    1920x1080
    Hard Drives
    Crucial P310 2TB 2280 PCIe Gen4 eD NAND PCIe SSD
    Samsung EVO 990 2TB NVMe Gen4 SSD
    Samsung 2TB SATA SSD
    PSU
    Thermaltake Smart BM3 650W
    Case
    Okinos Micro ATX Case
    Cooling
    Fans
    Keyboard
    Microsoft Comfort Curve 2000
    Mouse
    Logitech G305
    Internet Speed
    Verizon FiOS 1GB
    Browser
    Firefox
    Antivirus
    Malware Bytes & Windows Defender Security
  • Nimo N171 17" Laptop, (Intel i3-1215U, 16GB RAM, 2TB NVMe, Win11 Pro)
    Acemagic Vista Mini PC V1 (Intel N150, 16GB RAM, 1TB NVMe, Win11 Pro)
    HP ENVY h8-1540t, (24GB RAM, 2TB SSD, 2TB HDD, Win11 Pro)
Been reading this thread and I'm a little confused.

Here is what I get when I run that PS1 script mentioned above -- am I ok for when the Secure Boot keys are revoked or is there something else I need to do:

Secure Boot: ENABLED

EFI DB Certificates
-------------------
Microsoft Corporation UEFI CA 2011
Microsoft Windows Production PCA 2011
Windows UEFI CA 2023
Microsoft UEFI CA 2023

EFI KEK Certificates
--------------------
Microsoft Corporation KEK CA 2011
Microsoft Corporation KEK 2K CA 2023

EFI DBX Certificates
--------------------

AvailableUpdates: 0x0
---------------------
Mount the EFI partition to label X:
Validate that X:\EFI\Microsoft\Boot\bootmgfw.efi file is signed by the Windows UEFI CA 2023 certificate!
Unmount X: EFI partition!

EFI Files
---------
Boot Manager [Windows UEFI CA 2023] on Disk is allowed.


 

My Computer My Computer

At a glance

Windows 11 Pro 25H2 (26200.8457)AMD Ryzen 7 7800X3D32gb Team Group (T-Force) DDR5-6000Zotac nVidia GeForce RTX 4070 SUPER - 12gb
OS
Windows 11 Pro 25H2 (26200.8457)
Computer type
PC/Desktop
Manufacturer/Model
Pre-built
CPU
AMD Ryzen 7 7800X3D
Motherboard
MSI Pro B650-VC WiFi
Memory
32gb Team Group (T-Force) DDR5-6000
Graphics Card(s)
Zotac nVidia GeForce RTX 4070 SUPER - 12gb
Sound Card
Sound BlasterX G6
Monitor(s) Displays
Koorui G2421V and ViewSonic VX2453
Screen Resolution
P:2560x1440 S:1920x1080
Hard Drives
WD Blue SN5000 - 500gb NVME
WD Blue SN580 - 2TB NVME
Seagate 4TB HDD - ST4000VN008-2DR166
Keyboard
Mountain Everest
Mouse
Logitech G502 Hero
Internet Speed
T-Mobile Home Internet
Browser
Firefox
Other Info
QNAP TS-469 Pro NAS
TP-Link W7200 (2 unit mesh network)
Elgato Streamdeck

My Computers My Computers

  • At a glance

    Windows 11 Pro 25H2AMD Ryzen 5 5600G @ 3.9/4.4Ghz2 x 16 GB DDR4 Kingston Fury Beast 3200 MhzAMD Radeon RX 6600 XT MSI Mech 2X OC Edition ...
    OS
    Windows 11 Pro 25H2
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built PC
    CPU
    AMD Ryzen 5 5600G @ 3.9/4.4Ghz
    Motherboard
    MSI B550M-PRO-WiFi Ver. 1.4
    Memory
    2 x 16 GB DDR4 Kingston Fury Beast 3200 Mhz
    Graphics Card(s)
    AMD Radeon RX 6600 XT MSI Mech 2X OC Edition 8 GB
    Sound Card
    Realtek High Definition Audio (Integrated)
    Monitor(s) Displays
    Samsung C50Rx 27" LED / HP S2031 20" LCD
    Screen Resolution
    1920 x 1080 px / 1600 x 900 px
    Hard Drives
    WD Blue SN570 NVME M.2 SSD [1 TB] -- External Drives: - WD Scorpion Blue 250 GB 5400 RPM (Data Backup) - Hitachi 500 GB 5400 RPM (Software / ISOs Backup) - Toshiba MQ01ABD100 1 TB 5400 RPM (OS Images) - HGST TravelStar 7K1000 1 TB, 7200 RPM USB 3.0 - ADATA SU800 2TB SSD USB 3.0
    PSU
    Corsair RM750e 750W Fully Modular
    Case
    Naceb Hydra NA-1602
    Cooling
    Naceb Orpheus x 3 (Front) + Naceb Cepheus 1200 RPM Max (Rear) + ThemalRight Assasin X 90 SE (CPU)
    Keyboard
    Logitech MK470 Wireless
    Mouse
    Logitech MK470 Wireless
    Internet Speed
    120 MB Symetrical
    Browser
    Firefox / Brave / Edge
    Antivirus
    Windows Defender
    Other Info
    - VMs: WMware Player - Windows 8.1 Pro x64 / Windows 11 Pro
    - Wacom Intuos Pro Small Tablet PTH-460
  • At a glance

    Windows 11 Pro 25H2AMD Ryzen 7 7730U @ 2.0/4.5 Ghz2 x 16 GB Kingston Fury Impact DDR4 3200 MhzRadeon (tm) Graphics Vega 8 (512 MB)
    Operating System
    Windows 11 Pro 25H2
    Computer type
    Laptop
    Manufacturer/Model
    HP Pavilion 15-eh3000la (80M53LA)
    CPU
    AMD Ryzen 7 7730U @ 2.0/4.5 Ghz
    Motherboard
    HP 8BC7
    Memory
    2 x 16 GB Kingston Fury Impact DDR4 3200 Mhz
    Graphics card(s)
    Radeon (tm) Graphics Vega 8 (512 MB)
    Sound Card
    Realtek High Definition Audio (Integrated)
    Monitor(s) Displays
    AU Optronics
    Screen Resolution
    1920 x 1080 px (125% size)
    Hard Drives
    WD Blue SN570 1TB NVME M.2 Drive
    PSU
    45 Watt Charger
    Cooling
    Laptop Cooling Pad
    Keyboard
    Free Wolf Foldable Portable Keyboard
    Mouse
    Free Wolf Wireless Mouse
    Internet Speed
    120 MB Symetrical
    Browser
    Firefox / Brave / Edge
    Antivirus
    Windows Defender
    Other Info
    - 41mWh battery.
    - Wacom Intuos Pro Small Tablet PTH-460
People... any one has any idea what is this?

Not sure they know what they are talking about when they say include the 2011 cert which is going to be revoked in 2026.
 

My Computer My Computer

At a glance

Windows 11 Pro
OS
Windows 11 Pro
What is getting me nervous is that GPUs are practically dying if you don't update them... I did a search on Google, and seems anything older than 2019 is in danger... but there is nothing else.
This is slowly becoming a true informatics armaggedon... and Microsoft doesn't inform a thing...
 

My Computers My Computers

  • At a glance

    Windows 11 Pro 25H2AMD Ryzen 5 5600G @ 3.9/4.4Ghz2 x 16 GB DDR4 Kingston Fury Beast 3200 MhzAMD Radeon RX 6600 XT MSI Mech 2X OC Edition ...
    OS
    Windows 11 Pro 25H2
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built PC
    CPU
    AMD Ryzen 5 5600G @ 3.9/4.4Ghz
    Motherboard
    MSI B550M-PRO-WiFi Ver. 1.4
    Memory
    2 x 16 GB DDR4 Kingston Fury Beast 3200 Mhz
    Graphics Card(s)
    AMD Radeon RX 6600 XT MSI Mech 2X OC Edition 8 GB
    Sound Card
    Realtek High Definition Audio (Integrated)
    Monitor(s) Displays
    Samsung C50Rx 27" LED / HP S2031 20" LCD
    Screen Resolution
    1920 x 1080 px / 1600 x 900 px
    Hard Drives
    WD Blue SN570 NVME M.2 SSD [1 TB] -- External Drives: - WD Scorpion Blue 250 GB 5400 RPM (Data Backup) - Hitachi 500 GB 5400 RPM (Software / ISOs Backup) - Toshiba MQ01ABD100 1 TB 5400 RPM (OS Images) - HGST TravelStar 7K1000 1 TB, 7200 RPM USB 3.0 - ADATA SU800 2TB SSD USB 3.0
    PSU
    Corsair RM750e 750W Fully Modular
    Case
    Naceb Hydra NA-1602
    Cooling
    Naceb Orpheus x 3 (Front) + Naceb Cepheus 1200 RPM Max (Rear) + ThemalRight Assasin X 90 SE (CPU)
    Keyboard
    Logitech MK470 Wireless
    Mouse
    Logitech MK470 Wireless
    Internet Speed
    120 MB Symetrical
    Browser
    Firefox / Brave / Edge
    Antivirus
    Windows Defender
    Other Info
    - VMs: WMware Player - Windows 8.1 Pro x64 / Windows 11 Pro
    - Wacom Intuos Pro Small Tablet PTH-460
  • At a glance

    Windows 11 Pro 25H2AMD Ryzen 7 7730U @ 2.0/4.5 Ghz2 x 16 GB Kingston Fury Impact DDR4 3200 MhzRadeon (tm) Graphics Vega 8 (512 MB)
    Operating System
    Windows 11 Pro 25H2
    Computer type
    Laptop
    Manufacturer/Model
    HP Pavilion 15-eh3000la (80M53LA)
    CPU
    AMD Ryzen 7 7730U @ 2.0/4.5 Ghz
    Motherboard
    HP 8BC7
    Memory
    2 x 16 GB Kingston Fury Impact DDR4 3200 Mhz
    Graphics card(s)
    Radeon (tm) Graphics Vega 8 (512 MB)
    Sound Card
    Realtek High Definition Audio (Integrated)
    Monitor(s) Displays
    AU Optronics
    Screen Resolution
    1920 x 1080 px (125% size)
    Hard Drives
    WD Blue SN570 1TB NVME M.2 Drive
    PSU
    45 Watt Charger
    Cooling
    Laptop Cooling Pad
    Keyboard
    Free Wolf Foldable Portable Keyboard
    Mouse
    Free Wolf Wireless Mouse
    Internet Speed
    120 MB Symetrical
    Browser
    Firefox / Brave / Edge
    Antivirus
    Windows Defender
    Other Info
    - 41mWh battery.
    - Wacom Intuos Pro Small Tablet PTH-460
Back
Top Bottom