Microsoft Defender Adds Dashboard for 2011 Secure Boot Certificates — Windows Update
Microsoft has added a Windows Update-related Microsoft Defender dashboard that helps enterprise IT managers spot devices still tied to 2011 Secure Boot certificates. The feature gives security teams a central view of fleet risk before those certificates expire in June of this year.
Microsoft Defender and June expiration
“Time is running out: The Secure Boot certificates from 2011 expire in June of this year.”
The new recommendation view sorts devices into “Exposed Devices,” “Compliant Devices,” and “Not applicable Devices.”
Exposed Devices still trust the old Secure Boot certificates without trusting the newer certificates. Compliant Devices have the new 2023 certificates and the signed boot manager. Not applicable Devices have Secure Boot disabled or do not support it.
Fleet checks in Defender
Microsoft says the dashboard lets admins see the security status of the devices they manage from one place. It also shows the distribution of Secure Boot certificates from 2023 across a device fleet.
That view is more practical than checking machines one by one in the Windows Security app, which can show certificate status only on individual computers. Microsoft also says admins can filter the recommendation view by operating system platform and device context.
Windows servers and manual action
Microsoft says devices that do not receive new certificates continue to boot, but they can no longer enforce newer protection measures in the early boot phase of the system. Microsoft also says outdated certificates can leave devices exposed to new classes of attacks before the operating system and full security controls are loaded.
The awkward part is that Microsoft does not distribute the new Secure Boot certificates with automatic Windows updates on Windows servers. That means server admins cannot wait for a routine update cycle to do the work for them, and Microsoft has warned since June 2025 that the certificates are expiring.
The dashboard is most useful as a triage tool. IT teams can export device data to share with infrastructure and platform teams, then focus first on the machines Microsoft labels Exposed Devices. The unresolved issue is how quickly each organization will move those fleets onto the 2023 certificates before the June expiration.
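For a server that has to be handled manually, the same three labels can be approximated locally from the firmware's Secure Boot variables. The following is an added example, not code from the article or from Microsoft's dashboard. It assumes an elevated PowerShell session, and it uses the certificate names "Microsoft Windows Production PCA 2011" and "Windows UEFI CA 2023" from Microsoft's published certificate list rather than from this article. The function name Get-SecureBootCertLabel is hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: label the local machine with the article's categories.
# Get-SecureBootCertLabel is a hypothetical helper name; the certificate
# names are Microsoft's published names, not values taken from the article.

function Get-SecureBootCertLabel {
    try {
        $enabled = Confirm-SecureBootUEFI -ErrorAction Stop
    }
    catch [System.PlatformNotSupportedException] {
        # Legacy BIOS or firmware without Secure Boot support
        return 'Not applicable (Secure Boot not supported)'
    }
    if (-not $enabled) {
        return 'Not applicable (Secure Boot disabled)'
    }

    # The db variable is the allowed-signature database. Certificate subject
    # names are matched in the ASCII-decoded bytes of that variable.
    $dbBytes = (Get-SecureBootUEFI -Name db -ErrorAction Stop).Bytes
    $dbText  = [System.Text.Encoding]::ASCII.GetString($dbBytes)

    $trusts2011 = $dbText -match 'Microsoft Windows Production PCA 2011'
    $trusts2023 = $dbText -match 'Windows UEFI CA 2023'

    if ($trusts2023) {
        # "Compliant" in the article also requires the signed boot manager,
        # which this check does not inspect.
        return '2023 certificate present (boot manager not checked)'
    }
    if ($trusts2011) {
        return 'Exposed (2011 certificate only)'
    }
    return 'Unknown (neither certificate found in db)'
}

# Emit one record per machine so results can be collected across servers.
[pscustomobject]@{
    ComputerName = $env:COMPUTERNAME
    Label        = Get-SecureBootCertLabel
}
```

The check covers only the Windows boot manager certificate in db, so a machine reported as having the 2023 certificate still needs its boot manager confirmed before it counts as compliant.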