# Microsoft Secure Boot Certificate Update

## Microsoft Secure Boot Certificate Expiration<span class="heading-anchor-wrapper" role="presentation" style="position: absolute; margin-left: 6px; line-height: 1.2em; opacity: 0; transition: opacity 0.2s;"><button aria-hidden="true" class="css-x4slh0" data-testid="anchor-button" style="font-family: inherit; display: inline; outline: none; background-color: transparent; border: none; color: rgb(41, 42, 46); cursor: pointer; right: 0px; padding-left: 0px; padding-right: 0px; opacity: 0; transform: translate(-8px, 0px); transition: opacity 0.2s, transform 0.2s;" type="button"><span aria-label="Copier" class="_1e0c1o8l _vchhusvi _1o9zidpf _vwz4kb7n _y4ti1igz _bozg1mb9 _12va1onz _jcxd1r8n" role="img" style="line-height: 1; display: inline-block; box-sizing: border-box; flex-shrink: 0; padding-inline: 0px; color: rgb(80, 82, 88);"><svg class="_1reo15vq _18m915vq _syaz1r31 _lcxvglyw _s7n4yfq0 _vc881r31 _1bsbpxbi _4t3ipxbi" fill="none" role="presentation" viewbox="0 0 16 16"><path clip-rule="evenodd" d="M8.22 2.22a3.932 3.932 0 1 1 5.56 5.56l-2.25 2.25-1.06-1.06 2.25-2.25a2.432 2.432 0 0 0-3.44-3.44L7.03 5.53 5.97 4.47zm3.06 3.56-5.5 5.5-1.06-1.06 5.5-5.5zM2.22 8.22l2.25-2.25 1.06 1.06-2.25 2.25a2.432 2.432 0 0 0 3.44 3.44l2.25-2.25 1.06 1.06-2.25 2.25a3.932 3.932 0 1 1-5.56-5.56" fill="currentcolor" fill-rule="evenodd"></path></svg></span></button></span>

Two crucial Microsoft Secure Boot certificates are set to expire in June 2026. They are:

\- Microsoft Corporation KEK CA 2011 (stored in KEK)

\- Microsoft UEFI CA 2011 (stored in DB)

In addition, another critical Microsoft Secure Boot certificate expires in October 2026.

\- Microsoft Windows Production PCA 2011 (stored in DB)

When these certificates expire, devices may fail to recognize trusted bootloaders, and future Secure Boot policies may not be applied. Updating the certificates ensures continued protection against malicious rootkits and ensures Windows firmware compliance

## Turn off temporary Bitlocker Encryption<span class="heading-anchor-wrapper" role="presentation" style="position: absolute; margin-left: 6px; line-height: 1.2em; opacity: 0; transition: opacity 0.2s;"><button aria-hidden="true" class="css-x4slh0" data-testid="anchor-button" style="font-family: inherit; display: inline; outline: none; background-color: transparent; border: none; color: rgb(41, 42, 46); cursor: pointer; right: 0px; padding-left: 0px; padding-right: 0px; opacity: 0; transform: translate(-8px, 0px); transition: opacity 0.2s, transform 0.2s;" type="button"><span aria-label="Copier" class="_1e0c1o8l _vchhusvi _1o9zidpf _vwz4kb7n _y4ti1igz _bozg1mb9 _12va1onz _jcxd1r8n" role="img" style="line-height: 1; display: inline-block; box-sizing: border-box; flex-shrink: 0; padding-inline: 0px; color: rgb(80, 82, 88);"><svg class="_1reo15vq _18m915vq _syaz1r31 _lcxvglyw _s7n4yfq0 _vc881r31 _1bsbpxbi _4t3ipxbi" fill="none" role="presentation" viewbox="0 0 16 16"><path clip-rule="evenodd" d="M8.22 2.22a3.932 3.932 0 1 1 5.56 5.56l-2.25 2.25-1.06-1.06 2.25-2.25a2.432 2.432 0 0 0-3.44-3.44L7.03 5.53 5.97 4.47zm3.06 3.56-5.5 5.5-1.06-1.06 5.5-5.5zM2.22 8.22l2.25-2.25 1.06 1.06-2.25 2.25a2.432 2.432 0 0 0 3.44 3.44l2.25-2.25 1.06 1.06-2.25 2.25a3.932 3.932 0 1 1-5.56-5.56" fill="currentcolor" fill-rule="evenodd"></path></svg></span></button></span>

Before applying this, ensure that your BitLocker recovery keys are backed up and accessible. Suspend BitLocker (Suspend-BitLocker) before the first reboot to prevent user lockouts.

I highly recommend including it when cloning machines, because when switching machines, people will have a different BitLocker key.

<span class="prismjs _11c81u0j _2rko12b0 _1dqoglyw _1e0c1txw _vwz4gktf _1reo1wug _o572qvpr _1eimjvyg _bfhk187e _syazi7uo _1ozdn7od _7xinn7od _t7aun7od _r28du2gc _tajqu2gc _1ohiu2gc _m802u2gc _i6ntu2gc _1w2xu2gc _1hmyegat _vblregat _vbulegat _196q1xv3 _1vbw1xv3 _1v9c1xv3 _1srnt0uh _18r6myb0 _vyvc1n1a _1d4j1y44 _1f8gstnw _1pzyb3bt _ra6gsb9t _13cdh2mm _1pp0126e _zvy9f705 _qcxof705 _qzn01a66 _j0l11wug _1weckb7n _1na21hna _vsnzgrf3 _x7c815vq _lh0y15vq _1m3815vq _qk1e15vq _12l6ysn8 _uga3ysn8 _mx8b7mnp _1kr87mnp _xo19t94y _1bemt94y _nalpstnw _151dstnw _1exb1q9c _1hgu1q9c _1mgnt94y _nhket94y _h909i8nm _scgayz1z _ipl81e17 _40uk1l04 _i81p1a66 _1gx21e5h _1ls01ule _vm2c1rh5 _12ok1rh5 _rude1ule _1q16glyw _1io6glyw _juomusic _lcwuusic _pyovu2gc _ccm6u2gc _1ascu2gc _1yuau2gc _xr0w1a66 _4io21a66 _euyxusvi _cahfusvi _zhnuidpf _1amdidpf _mbgc124n _bu7z124n _131n1giz _gy101giz _1wfuwrk5 _16kzwrk5 _9kk3moej _cjus1w1g _9k2r1m30 _nhmw1m30 _yl021m30 _eiht5x2v _t9zb5x2v _mqok1w1g _3hsg1w1g _i7ngn7od _9wu1fb2s _1xcoh55r _1t36i7uo _137bh55r _1k7di7uo _97li16jw _12nh9lu1 _1g0517qg _i2igqmo9 _326zi7uo _113p1rpy _1n6t16jw _tgu817qg _1k4716jw _g0lxi7uo _ys4e1rpy _7gp8h55r _1yvqqmo9 _1vwwqmo9 _1rjuqmo9 _1v0lh55r _wmyy17qg _748n17qg _1mfn17qg _1d7e17qg _p2vr17qg _19o6qmo9 _kxov17qg _1np517qg _m2f517qg _1b9t16jw _1tq616jw _1rd216jw _1pbk16jw _k3li16jw _13zt1rpy _2g12fb2s _k86bqmo9 _b5iy1rpy _gti31rpy _1f0g16jw _9d3e17qg _qdia16jw _72uv16jw _13dgkb7n _1707efft _1i3h1txw _16noidpf _h4fuidpf _pp6yidpf _1g4tidpf _11wmidpf _1bx8idpf" data-code-lang="" data-ds--code--code-block="" data-testid="renderer-code-block" style="--ads-code-line-number-width: calc(1ch + 16px); --ads-highlighted-start-text: Highlight start; --ads-highlighted-end-text: Highlight end;">`<span class="" data-ds--code--row="" data-testid="renderer-code-block-line-1"><span class="">Suspend-BitLocker -MountPoint "C:" -RebootCount 2</span></span>`</span>

<span class="prismjs _11c81u0j _2rko12b0 _1dqoglyw _1e0c1txw _vwz4gktf _1reo1wug _o572qvpr _1eimjvyg _bfhk187e _syazi7uo _1ozdn7od _7xinn7od _t7aun7od _r28du2gc _tajqu2gc _1ohiu2gc _m802u2gc _i6ntu2gc _1w2xu2gc _1hmyegat _vblregat _vbulegat _196q1xv3 _1vbw1xv3 _1v9c1xv3 _1srnt0uh _18r6myb0 _vyvc1n1a _1d4j1y44 _1f8gstnw _1pzyb3bt _ra6gsb9t _13cdh2mm _1pp0126e _zvy9f705 _qcxof705 _qzn01a66 _j0l11wug _1weckb7n _1na21hna _vsnzgrf3 _x7c815vq _lh0y15vq _1m3815vq _qk1e15vq _12l6ysn8 _uga3ysn8 _mx8b7mnp _1kr87mnp _xo19t94y _1bemt94y _nalpstnw _151dstnw _1exb1q9c _1hgu1q9c _1mgnt94y _nhket94y _h909i8nm _scgayz1z _ipl81e17 _40uk1l04 _i81p1a66 _1gx21e5h _1ls01ule _vm2c1rh5 _12ok1rh5 _rude1ule _1q16glyw _1io6glyw _juomusic _lcwuusic _pyovu2gc _ccm6u2gc _1ascu2gc _1yuau2gc _xr0w1a66 _4io21a66 _euyxusvi _cahfusvi _zhnuidpf _1amdidpf _mbgc124n _bu7z124n _131n1giz _gy101giz _1wfuwrk5 _16kzwrk5 _9kk3moej _cjus1w1g _9k2r1m30 _nhmw1m30 _yl021m30 _eiht5x2v _t9zb5x2v _mqok1w1g _3hsg1w1g _i7ngn7od _9wu1fb2s _1xcoh55r _1t36i7uo _137bh55r _1k7di7uo _97li16jw _12nh9lu1 _1g0517qg _i2igqmo9 _326zi7uo _113p1rpy _1n6t16jw _tgu817qg _1k4716jw _g0lxi7uo _ys4e1rpy _7gp8h55r _1yvqqmo9 _1vwwqmo9 _1rjuqmo9 _1v0lh55r _wmyy17qg _748n17qg _1mfn17qg _1d7e17qg _p2vr17qg _19o6qmo9 _kxov17qg _1np517qg _m2f517qg _1b9t16jw _1tq616jw _1rd216jw _1pbk16jw _k3li16jw _13zt1rpy _2g12fb2s _k86bqmo9 _b5iy1rpy _gti31rpy _1f0g16jw _9d3e17qg _qdia16jw _72uv16jw _13dgkb7n _1707efft _1i3h1txw _16noidpf _h4fuidpf _pp6yidpf _1g4tidpf _11wmidpf _1bx8idpf" data-code-lang="" data-ds--code--code-block="" data-testid="renderer-code-block" style="--ads-code-line-number-width: calc(1ch + 16px); --ads-highlighted-start-text: Highlight start; --ads-highlighted-end-text: Highlight end;">`<span class="" data-ds--code--row="" data-testid="renderer-code-block-line-1"><span class="">Get-BitLockerVolume -MountPoint "C:" | Select-Object ProtectionStatus</span></span>`</span>

## Updating Microsoft UEFI Certificates<span class="heading-anchor-wrapper" role="presentation" style="position: absolute; margin-left: 6px; line-height: 1.2em; opacity: 0; transition: opacity 0.2s;"><button aria-hidden="true" class="css-x4slh0" data-testid="anchor-button" style="font-family: inherit; display: inline; outline: none; background-color: transparent; border: none; color: rgb(41, 42, 46); cursor: pointer; right: 0px; padding-left: 0px; padding-right: 0px; opacity: 0; transform: translate(-8px, 0px); transition: opacity 0.2s, transform 0.2s;" type="button"><span aria-label="Copier" class="_1e0c1o8l _vchhusvi _1o9zidpf _vwz4kb7n _y4ti1igz _bozg1mb9 _12va1onz _jcxd1r8n" role="img" style="line-height: 1; display: inline-block; box-sizing: border-box; flex-shrink: 0; padding-inline: 0px; color: rgb(80, 82, 88);"><svg class="_1reo15vq _18m915vq _syaz1r31 _lcxvglyw _s7n4yfq0 _vc881r31 _1bsbpxbi _4t3ipxbi" fill="none" role="presentation" viewbox="0 0 16 16"><path clip-rule="evenodd" d="M8.22 2.22a3.932 3.932 0 1 1 5.56 5.56l-2.25 2.25-1.06-1.06 2.25-2.25a2.432 2.432 0 0 0-3.44-3.44L7.03 5.53 5.97 4.47zm3.06 3.56-5.5 5.5-1.06-1.06 5.5-5.5zM2.22 8.22l2.25-2.25 1.06 1.06-2.25 2.25a2.432 2.432 0 0 0 3.44 3.44l2.25-2.25 1.06 1.06-2.25 2.25a3.932 3.932 0 1 1-5.56-5.56" fill="currentcolor" fill-rule="evenodd"></path></svg></span></button></span>

### *Status*<span class="heading-anchor-wrapper" role="presentation" style="position: absolute; margin-left: 6px; line-height: 1.25em; opacity: 0; transition: opacity 0.2s;"><button aria-hidden="true" class="css-x4slh0" data-testid="anchor-button" style="font-family: inherit; display: inline; outline: none; background-color: transparent; border: none; color: rgb(41, 42, 46); cursor: pointer; right: 0px; padding-left: 0px; padding-right: 0px; opacity: 0; transform: translate(-8px, 0px); transition: opacity 0.2s, transform 0.2s;" type="button"><span aria-label="Copier" class="_1e0c1o8l _vchhusvi _1o9zidpf _vwz4kb7n _y4ti1igz _bozg1mb9 _12va1onz _jcxd1r8n" role="img" style="line-height: 1; display: inline-block; box-sizing: border-box; flex-shrink: 0; padding-inline: 0px; color: rgb(80, 82, 88);"><svg class="_1reo15vq _18m915vq _syaz1r31 _lcxvglyw _s7n4yfq0 _vc881r31 _1bsbpxbi _4t3ipxbi" fill="none" role="presentation" viewbox="0 0 16 16"><path clip-rule="evenodd" d="M8.22 2.22a3.932 3.932 0 1 1 5.56 5.56l-2.25 2.25-1.06-1.06 2.25-2.25a2.432 2.432 0 0 0-3.44-3.44L7.03 5.53 5.97 4.47zm3.06 3.56-5.5 5.5-1.06-1.06 5.5-5.5zM2.22 8.22l2.25-2.25 1.06 1.06-2.25 2.25a2.432 2.432 0 0 0 3.44 3.44l2.25-2.25 1.06 1.06-2.25 2.25a3.932 3.932 0 1 1-5.56-5.56" fill="currentcolor" fill-rule="evenodd"></path></svg></span></button></span>

To begin, administrators can check the status of the update process by reading the value of the **UEFICA2023Status** registry key.

<span class="prismjs _11c81u0j _2rko12b0 _1dqoglyw _1e0c1txw _vwz4gktf _1reo1wug _o572qvpr _1eimjvyg _bfhk187e _syazi7uo _1ozdn7od _7xinn7od _t7aun7od _r28du2gc _tajqu2gc _1ohiu2gc _m802u2gc _i6ntu2gc _1w2xu2gc _1hmyegat _vblregat _vbulegat _196q1xv3 _1vbw1xv3 _1v9c1xv3 _1srnt0uh _18r6myb0 _vyvc1n1a _1d4j1y44 _1f8gstnw _1pzyb3bt _ra6gsb9t _13cdh2mm _1pp0126e _zvy9f705 _qcxof705 _qzn01a66 _j0l11wug _1weckb7n _1na21hna _vsnzgrf3 _x7c815vq _lh0y15vq _1m3815vq _qk1e15vq _12l6ysn8 _uga3ysn8 _mx8b7mnp _1kr87mnp _xo19t94y _1bemt94y _nalpstnw _151dstnw _1exb1q9c _1hgu1q9c _1mgnt94y _nhket94y _h909i8nm _scgayz1z _ipl81e17 _40uk1l04 _i81p1a66 _1gx21e5h _1ls01ule _vm2c1rh5 _12ok1rh5 _rude1ule _1q16glyw _1io6glyw _juomusic _lcwuusic _pyovu2gc _ccm6u2gc _1ascu2gc _1yuau2gc _xr0w1a66 _4io21a66 _euyxusvi _cahfusvi _zhnuidpf _1amdidpf _mbgc124n _bu7z124n _131n1giz _gy101giz _1wfuwrk5 _16kzwrk5 _9kk3moej _cjus1w1g _9k2r1m30 _nhmw1m30 _yl021m30 _eiht5x2v _t9zb5x2v _mqok1w1g _3hsg1w1g _i7ngn7od _9wu1fb2s _1xcoh55r _1t36i7uo _137bh55r _1k7di7uo _97li16jw _12nh9lu1 _1g0517qg _i2igqmo9 _326zi7uo _113p1rpy _1n6t16jw _tgu817qg _1k4716jw _g0lxi7uo _ys4e1rpy _7gp8h55r _1yvqqmo9 _1vwwqmo9 _1rjuqmo9 _1v0lh55r _wmyy17qg _748n17qg _1mfn17qg _1d7e17qg _p2vr17qg _19o6qmo9 _kxov17qg _1np517qg _m2f517qg _1b9t16jw _1tq616jw _1rd216jw _1pbk16jw _k3li16jw _13zt1rpy _2g12fb2s _k86bqmo9 _b5iy1rpy _gti31rpy _1f0g16jw _9d3e17qg _qdia16jw _72uv16jw _13dgkb7n _1707efft _1i3h1txw _16noidpf _h4fuidpf _pp6yidpf _1g4tidpf _11wmidpf _1bx8idpf" data-code-lang="" data-ds--code--code-block="" data-testid="renderer-code-block" style="--ads-code-line-number-width: calc(1ch + 16px); --ads-highlighted-start-text: Highlight start; --ads-highlighted-end-text: Highlight end;">`<span class="" data-ds--code--row="" data-testid="renderer-code-block-line-1"><span class="">Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot\Servicing\ -Name UEFICA2023Status | Select-Object UEFICA2023Status</span></span>`</span>

[![image.png](http://doc-trevette.duckdns.org/uploads/images/gallery/2026-01/scaled-1680-/uujimage.png)](http://doc-trevette.duckdns.org/uploads/images/gallery/2026-01/uujimage.png)

### *Update*<span class="heading-anchor-wrapper" role="presentation" style="position: absolute; margin-left: 6px; line-height: 1.25em; opacity: 0; transition: opacity 0.2s;"><button aria-hidden="true" class="css-x4slh0" data-testid="anchor-button" style="font-family: inherit; display: inline; outline: none; background-color: transparent; border: none; color: rgb(41, 42, 46); cursor: pointer; right: 0px; padding-left: 0px; padding-right: 0px; opacity: 0; transform: translate(-8px, 0px); transition: opacity 0.2s, transform 0.2s;" type="button"><span aria-label="Copier" class="_1e0c1o8l _vchhusvi _1o9zidpf _vwz4kb7n _y4ti1igz _bozg1mb9 _12va1onz _jcxd1r8n" role="img" style="line-height: 1; display: inline-block; box-sizing: border-box; flex-shrink: 0; padding-inline: 0px; color: rgb(80, 82, 88);"><svg class="_1reo15vq _18m915vq _syaz1r31 _lcxvglyw _s7n4yfq0 _vc881r31 _1bsbpxbi _4t3ipxbi" fill="none" role="presentation" viewbox="0 0 16 16"><path clip-rule="evenodd" d="M8.22 2.22a3.932 3.932 0 1 1 5.56 5.56l-2.25 2.25-1.06-1.06 2.25-2.25a2.432 2.432 0 0 0-3.44-3.44L7.03 5.53 5.97 4.47zm3.06 3.56-5.5 5.5-1.06-1.06 5.5-5.5zM2.22 8.22l2.25-2.25 1.06 1.06-2.25 2.25a2.432 2.432 0 0 0 3.44 3.44l2.25-2.25 1.06 1.06-2.25 2.25a3.932 3.932 0 1 1-5.56-5.56" fill="currentcolor" fill-rule="evenodd"></path></svg></span></button></span>

To initiate the update process, set the value of **AvailableUpdates** to **0x5944**.

<span class="prismjs _11c81u0j _2rko12b0 _1dqoglyw _1e0c1txw _vwz4gktf _1reo1wug _o572qvpr _1eimjvyg _bfhk187e _syazi7uo _1ozdn7od _7xinn7od _t7aun7od _r28du2gc _tajqu2gc _1ohiu2gc _m802u2gc _i6ntu2gc _1w2xu2gc _1hmyegat _vblregat _vbulegat _196q1xv3 _1vbw1xv3 _1v9c1xv3 _1srnt0uh _18r6myb0 _vyvc1n1a _1d4j1y44 _1f8gstnw _1pzyb3bt _ra6gsb9t _13cdh2mm _1pp0126e _zvy9f705 _qcxof705 _qzn01a66 _j0l11wug _1weckb7n _1na21hna _vsnzgrf3 _x7c815vq _lh0y15vq _1m3815vq _qk1e15vq _12l6ysn8 _uga3ysn8 _mx8b7mnp _1kr87mnp _xo19t94y _1bemt94y _nalpstnw _151dstnw _1exb1q9c _1hgu1q9c _1mgnt94y _nhket94y _h909i8nm _scgayz1z _ipl81e17 _40uk1l04 _i81p1a66 _1gx21e5h _1ls01ule _vm2c1rh5 _12ok1rh5 _rude1ule _1q16glyw _1io6glyw _juomusic _lcwuusic _pyovu2gc _ccm6u2gc _1ascu2gc _1yuau2gc _xr0w1a66 _4io21a66 _euyxusvi _cahfusvi _zhnuidpf _1amdidpf _mbgc124n _bu7z124n _131n1giz _gy101giz _1wfuwrk5 _16kzwrk5 _9kk3moej _cjus1w1g _9k2r1m30 _nhmw1m30 _yl021m30 _eiht5x2v _t9zb5x2v _mqok1w1g _3hsg1w1g _i7ngn7od _9wu1fb2s _1xcoh55r _1t36i7uo _137bh55r _1k7di7uo _97li16jw _12nh9lu1 _1g0517qg _i2igqmo9 _326zi7uo _113p1rpy _1n6t16jw _tgu817qg _1k4716jw _g0lxi7uo _ys4e1rpy _7gp8h55r _1yvqqmo9 _1vwwqmo9 _1rjuqmo9 _1v0lh55r _wmyy17qg _748n17qg _1mfn17qg _1d7e17qg _p2vr17qg _19o6qmo9 _kxov17qg _1np517qg _m2f517qg _1b9t16jw _1tq616jw _1rd216jw _1pbk16jw _k3li16jw _13zt1rpy _2g12fb2s _k86bqmo9 _b5iy1rpy _gti31rpy _1f0g16jw _9d3e17qg _qdia16jw _72uv16jw _13dgkb7n _1707efft _1i3h1txw _16noidpf _h4fuidpf _pp6yidpf _1g4tidpf _11wmidpf _1bx8idpf" data-code-lang="" data-ds--code--code-block="" data-testid="renderer-code-block" style="--ads-code-line-number-width: calc(1ch + 16px); --ads-highlighted-start-text: Highlight start; --ads-highlighted-end-text: Highlight end;">`<span class="" data-ds--code--row="" data-testid="renderer-code-block-line-1"><span class="">Set-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot’ -Name ‘AvailableUpdates’ -Value 0x5944</span></span>`</span>

<span style="color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;">Next, start the </span>**Secure-Boot-Update**<span style="color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;"> scheduled task.</span>

<span style="color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;"><span class="prismjs _11c81u0j _2rko12b0 _1dqoglyw _1e0c1txw _vwz4gktf _1reo1wug _o572qvpr _1eimjvyg _bfhk187e _syazi7uo _1ozdn7od _7xinn7od _t7aun7od _r28du2gc _tajqu2gc _1ohiu2gc _m802u2gc _i6ntu2gc _1w2xu2gc _1hmyegat _vblregat _vbulegat _196q1xv3 _1vbw1xv3 _1v9c1xv3 _1srnt0uh _18r6myb0 _vyvc1n1a _1d4j1y44 _1f8gstnw _1pzyb3bt _ra6gsb9t _13cdh2mm _1pp0126e _zvy9f705 _qcxof705 _qzn01a66 _j0l11wug _1weckb7n _1na21hna _vsnzgrf3 _x7c815vq _lh0y15vq _1m3815vq _qk1e15vq _12l6ysn8 _uga3ysn8 _mx8b7mnp _1kr87mnp _xo19t94y _1bemt94y _nalpstnw _151dstnw _1exb1q9c _1hgu1q9c _1mgnt94y _nhket94y _h909i8nm _scgayz1z _ipl81e17 _40uk1l04 _i81p1a66 _1gx21e5h _1ls01ule _vm2c1rh5 _12ok1rh5 _rude1ule _1q16glyw _1io6glyw _juomusic _lcwuusic _pyovu2gc _ccm6u2gc _1ascu2gc _1yuau2gc _xr0w1a66 _4io21a66 _euyxusvi _cahfusvi _zhnuidpf _1amdidpf _mbgc124n _bu7z124n _131n1giz _gy101giz _1wfuwrk5 _16kzwrk5 _9kk3moej _cjus1w1g _9k2r1m30 _nhmw1m30 _yl021m30 _eiht5x2v _t9zb5x2v _mqok1w1g _3hsg1w1g _i7ngn7od _9wu1fb2s _1xcoh55r _1t36i7uo _137bh55r _1k7di7uo _97li16jw _12nh9lu1 _1g0517qg _i2igqmo9 _326zi7uo _113p1rpy _1n6t16jw _tgu817qg _1k4716jw _g0lxi7uo _ys4e1rpy _7gp8h55r _1yvqqmo9 _1vwwqmo9 _1rjuqmo9 _1v0lh55r _wmyy17qg _748n17qg _1mfn17qg _1d7e17qg _p2vr17qg _19o6qmo9 _kxov17qg _1np517qg _m2f517qg _1b9t16jw _1tq616jw _1rd216jw _1pbk16jw _k3li16jw _13zt1rpy _2g12fb2s _k86bqmo9 _b5iy1rpy _gti31rpy _1f0g16jw _9d3e17qg _qdia16jw _72uv16jw _13dgkb7n _1707efft _1i3h1txw _16noidpf _h4fuidpf _pp6yidpf _1g4tidpf _11wmidpf _1bx8idpf" data-code-lang="" data-ds--code--code-block="" data-testid="renderer-code-block" style="--ads-code-line-number-width: calc(1ch + 16px); --ads-highlighted-start-text: Highlight start; --ads-highlighted-end-text: Highlight end;">`<span class="" data-ds--code--row="" data-testid="renderer-code-block-line-1"><span class="">Start-ScheduledTask -TaskName ‘\Microsoft\Windows\PI\Secure-Boot-Update’</span></span>`</span></span>

Once complete, the **UEFICA2023Status** indicates **InProgress**.

Your computer can freeze for a few minutes.

[![image.png](http://doc-trevette.duckdns.org/uploads/images/gallery/2026-01/scaled-1680-/jv0image.png)](http://doc-trevette.duckdns.org/uploads/images/gallery/2026-01/jv0image.png)

<span style="color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;">After a reboot, start the </span>**Secure-Boot-Update**<span style="color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;"> scheduled task once more. The </span>**UEFICA2023Status**<span style="color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 16px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: pre-wrap; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial; display: inline !important; float: none;"> should indicate that it has been updated (may require one more reboot!).</span>

it’s done.

<div class="highlighter-context page view" data-inline-comments-target="true" data-testid="page-content-only" id="bkmrk--2" style="margin: 0px; padding: 0px; box-sizing: border-box; clear: none !important; position: static !important; color: rgb(41, 42, 46); font-family: 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; white-space: normal; background-color: rgb(255, 255, 255); text-decoration-thickness: initial; text-decoration-style: initial; text-decoration-color: initial;"><div class="_19itglyw _vchhusvi _r06hglyw _19pkidpf _2hwx1wug _otyr1epz _18u01wug _1bsb1osq" style="margin: 0px auto 80px; padding: 0px; border: none; width: 834px; box-sizing: border-box; appearance: none;"><div style="margin: 0px; padding: 0px;"><div class="wiki-content css-lv728d e5xcnr80" data-test-appearance="full-page" data-testid="pageContentRendererTestId" data-vc="pageContentRendererTestId" id="bkmrk--3" style="margin: 0px; padding: 0px;"><div class="renderer-overrides" style="margin: 0px; padding: 0px;"><div class="css-3qfej8" style="margin: 0px; padding: 0px; container: ak-renderer-wrapper / inline-size;"><div class="ak-renderer-wrapper is-full-page css-pw7jst" style="margin: 0px; padding: 0px; position: relative; width: 834px;"><div class="css-1fjx8wr" style="margin: 0px auto; padding: 0px 32px; font-size: 16px; line-height: 1.5rem; color: rgb(41, 42, 46); --ak-editor--full-width-layout-width: 1800px; --ak-renderer--full-page-gutter: 32px; max-width: 760px; overflow-wrap: break-word; white-space: pre-wrap; --ak-editor--breakout-container-without-gutter-width: calc(100cqw - 32px * 2); --ak-editor--breakout-wide-layout-width: 905px; --ak-renderer-base-font-size: 16px; --ak-renderer-editor-font-heading-h1: normal 600 1.71429em/1.16667 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; --ak-renderer-editor-font-heading-h2: normal 600 1.42857em/1.2 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; --ak-renderer-editor-font-heading-h3: normal 600 1.14286em/1.25 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; --ak-renderer-editor-font-heading-h4: normal 600 1em/1.14286 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; --ak-renderer-editor-font-heading-h5: normal 600 0.857143em/1.33333 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; --ak-renderer-editor-font-heading-h6: normal 600 0.785714em/1.45455 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif; --ak-renderer-editor-font-normal-text: normal 400 1em/1.714 'Atlassian Sans', ui-sans-serif, -apple-system, BlinkMacSystemFont, 'Segoe UI', Ubuntu, 'Helvetica Neue', sans-serif;"><div class="ak-renderer-document" style="margin: 0px; padding: 0px;">  
</div></div></div></div></div></div><div class="_kqswstnw _lcxvglyw _c71l12am" data-testid="comment-container" id="bkmrk--4" style="margin: 0px; padding: 0px; position: absolute; pointer-events: none; max-height: 50px; left: 817px; top: 0px;"></div></div></div></div>