Categories: Cyber Security News

Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire

Microsoft has addressed a critical security feature bypass vulnerability in Windows Secure Boot certificates, tracked as CVE-2026-21265, through its January 2026 Patch Tuesday updates.

The flaw stems from expiring 2011-era certificates that underpin Secure Boot’s trust chain, potentially allowing attackers to disrupt boot integrity if unpatched.

Rated Important with a CVSS v3.1 base score of 6.4, the issue requires local access, high privileges, and high attack complexity, making exploitation less likely.msrc.microsoft+4

CVE-2026-21265 arises because Microsoft certificates stored in UEFI KEK and DB are nearing expiration dates in mid-2026, risking Secure Boot failure without updates.

Firmware defects in the OS’s certificate update mechanism can disrupt the trust chain, compromising Windows Boot Manager and third-party loaders. Publicly disclosed but not yet exploited in the wild, Microsoft urges immediate deployment of 2023 replacement certificates.

Three key 2011 certificates must be renewed to sustain Secure Boot:

Certificate Authority	Location	Purpose	Expiration Date
Microsoft Corporation KEK CA 2011	KEK	Signs updates to DB and DBX	06/24/2026
Microsoft Corporation UEFI CA 2011	DB	Signs 3rd party boot loaders, Option ROMs	06/27/2026
Microsoft Windows Production PCA 2011	DB	Signs the Windows Boot Manager	10/19/2026

Failure to update exposes devices to boot-time attacks, as noted in Microsoft’s November 2025 advisory.

Affected Systems and Patches

Patches target legacy Windows Server and extended-support editions, all marked as customer action required.

Product	KB Article	Build Number	Update Type
Windows Server 2012 R2 (Core)	5073696	6.3.9600.22968	Monthly Rollup
Windows Server 2012 R2	5073696	6.3.9600.22968	Monthly Rollup
Windows Server 2012 (Core)	5073698	6.2.9200.25868	Monthly Rollup
Windows Server 2012	5073698	6.2.9200.25868	Monthly Rollup
Windows Server 2016 (Core)	5073722	10.0.14393.8783	Security Update
Windows Server 2016	5073722	10.0.14393.8783	Security Update
Windows 10 Version 1607 x64	5073722	10.0.14393.8783	Security Update
Windows 10 Version 1607 x86	5073722	10.0.14393.8783	Security Update

Organizations with IT-managed or Microsoft-managed updates should prioritize deployment. Verify firmware compatibility to avoid post-patch boot issues.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.

The post Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire appeared first on Cyber Security News.

CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), has issued new guidance urging enterprises to verify and manage UEFI Secure Boot configurations to counter bootkit threats. Released in December 2025 as a Cybersecurity Information Sheet (CSI), the document addresses vulnerabilities like PKFail,…

December 15, 2025

In "Cyber Security News"

CISA Publishes New Guidance for Managing UEFI Secure Boot in Enterprises

The National Security Agency has released comprehensive guidance for managing UEFI Secure Boot configurations on enterprise devices, addressing critical vulnerabilities that have exposed organizations to bootkit threats and persistent firmware attacks. The document, issued in December 2025, provides detailed instructions for system administrators to validate and recover from Secure Boot…

December 12, 2025

In "Cyber Security News"

Microsoft is keeping Secure Boot alive with Windows updates

Microsoft is automatically replacing boot-level security certificates on Windows devices before they start expiring later this year. The new Secure Boot certificates will be rolled out as part of the regular Windows platform updates, according to Microsoft's announcement blog, marking a "generational refresh" of the security standard. Secure Boot was…

February 10, 2026

In "The Verge"

rssfeeds-admin

Next Threat Actors Targeting Ukraine’s Defense Forces with Charity-Themed Malware Campaign »

Previous « AuraAudit – Open-Source Tool for Salesforce Aura Framework Misconfiguration Analysis

Published by

rssfeeds-admin

2 months ago

Crimson Desert Hits New Steam Concurrent Player Peak as Latest Game-Changing Update Kicks In

Crimson Desert has hit a new Steam concurrent player peak during its second weekend, after…

8 minutes ago

Project Hail Mary Shoots Past $300 Million at the Global Box Office, With Imax a Big Part of Its Success

Project Hail Mary has hurtled past the $300 million mark at the global box office,…

1 hour ago

How Frozen Jumped From the Big Screen To Disney Parks Around the Globe, Including World of Frozen at Disneyland Paris’ Disney Adventure World

Today, for the first time in forever, Disneyland Paris has officially opened up the gates…

2 hours ago

This website uses cookies.

Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire

Affected Systems and Patches

Related

CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices

CISA Publishes New Guidance for Managing UEFI Secure Boot in Enterprises

Microsoft is keeping Secure Boot alive with Windows updates

Recent Posts

Crimson Desert Hits New Steam Concurrent Player Peak as Latest Game-Changing Update Kicks In

Project Hail Mary Shoots Past $300 Million at the Global Box Office, With Imax a Big Part of Its Success

How Frozen Jumped From the Big Screen To Disney Parks Around the Globe, Including World of Frozen at Disneyland Paris’ Disney Adventure World

The Best Deals Today: Death Stranding 2, Switch 2 Games, Chainsaw Man Blu-ray, and More

Everything Coming to Netflix in April 2026

These LEGO Sets Are Perfect for an Easter Gift Basket

Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire

Affected Systems and Patches

Related

Related Post

Recent Posts