uefi - Securetron | ADCS | MSCA | Certificate Management

Tag: uefi

Microsoft Is Removing Trust for Cross‑Signed Kernel Drivers and here is How to Validate

Posted in News.

Windows | News Kernel Drivers | WHCP Microsoft Is Removing Trust for Cross-Signed Kernel Drivers Microsoft is closing one of Windows’ longest-standing security gaps. Beginning with the April 2026 Windows Update, Windows will no longer trust kernel drivers signed under the legacy Cross-Signed Driver Program. Attackers have abused these drivers for years to load malicious or vulnerable components directly into the kernel. This change affects Windows 11, Windows Server 2025, and all future releases. 🔐 Why Microsoft Is Making This Change Cross-signed drivers were originally a convenience...

bios, boot, drivers, IoT, kernel, OT, secure boot, SeSecureBoot, uefi, WHCP

Windows Secure Boot Certificate Update

Posted in News.

ADCS | Compliance SaaS | Enterprise | Community Edition How to update Windows Secure Boot Certificate About Secure Boot Secure Boot enforces a chain of trust by checking signatures against certificates stored in firmware (DB/KEK/PK). The 2011 Microsoft UEFI CA certificates begin expiring in June 2026; systems that do not receive the replacement certificates will enter a degraded security state and may lose future boot‑time protections What Microsoft is doing and timeline Microsoft published guidance and began a phased rollout of...

bios, boot, secure boot, SeSecureBoot, uefi