Critical Windows Security Certificate Set to Expire in June 2026, Affecting Billions of PCs

A critical security certificate embedded in Windows PCs is set to expire in June 2026, potentially disrupting secure boot processes and system updates for over a billion devices globally, according to a report by ZDNet. The expiration could also affect some Linux distributions, prompting urgent calls for users to check and update their systems.

The certificate, part of Microsoft’s secure boot infrastructure, verifies the authenticity of software and updates during system startup. If unaddressed, the June 2026 expiration could prevent devices from booting or applying critical security patches. Microsoft has not yet announced an automatic update schedule for the certificate, leaving users to manually verify and renew it via Windows settings.

“This is a time-sensitive issue that requires immediate attention from both consumers and enterprise IT teams,” the ZDNet report states. Users are advised to open the Certificate Manager tool in Windows to check expiration dates and install updates if necessary. Linux users with UEFI firmware tied to the same certificate should also verify their systems, though specific steps vary by distribution.

Secure boot certificates are cryptographic keys that ensure only trusted software runs on a device. Their expiration can create vulnerabilities, as outdated certificates may be exploited by malicious actors. Microsoft typically manages certificate updates through Windows Update, but the scale of this particular expiration—impacting devices manufactured over the past decade—has raised concerns about potential widespread disruptions.