Share via

Update "Secure Boot Allowed Key Exchange Key (KEK)" - Causing Problems

John Gregory 40 Reputation points
2026-02-10T13:59:10.89+00:00

Secure Boot Allowed Key Exchange Key (KEK) Update, installed 2/9/2026 seems to be causing problems with my browser.  Since this install, the browser is redirecting to the wrong Microsoft SSO site instead of the site I want (My work site).

There does not seem to be any way around it. Once I am at the site, there does not seem to be a way to get back.

The update is the only thing that changed.

How do I uninstall the "Secure Boot Allowed Key Exchange Key (KEK) Update"

Windows for business | Windows 365 Enterprise
0 comments
Answer accepted by question author
  1. Jason Nguyen Tran 12,250 Reputation points Independent Advisor
    2026-02-10T14:42:53.1833333+00:00

    Hi John Gregory,

    From what I know, the “Secure Boot Allowed Key Exchange Key (KEK)” update is a firmware-related security update designed to strengthen the Secure Boot process. Because of its nature, it cannot be uninstalled like a typical Windows cumulative update. Once applied, KEK updates modify the Secure Boot key database at the firmware level, and rolling them back is not supported.

    That said, the browser redirection you are experiencing is unlikely to be caused directly by the KEK update itself. Instead, it may be related to cached credentials or Single Sign-On (SSO) session tokens that were invalidated after the update. To address this, I recommend clearing your browser cache and cookies, signing out of all Microsoft accounts, and then signing back in with your work account credentials. You may also want to check your organization’s Azure AD or Microsoft Entra configuration to ensure the correct SSO endpoint is being used.

    If the problem persists, you can test with another browser or an InPrivate/Incognito session to confirm whether the issue is session-related. Additionally, reviewing your device’s event logs and network traces may help identify if the redirection is tied to a policy or configuration change rather than the KEK update itself.

    In short, the KEK update cannot be uninstalled, but the redirection issue can usually be resolved by refreshing authentication settings and ensuring your organization’s SSO configuration is correct.

    I hope this explanation helps clarify the situation and gives you a path forward. If you find this answer helpful, please consider clicking Accept Answer so I know your issue has been resolved. Feel free to reply if you need any further information.

    Jason.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-02-10T14:00:18.81+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To uninstall the "Secure Boot Allowed Key Exchange Key (KEK) Update," you typically need to access the Windows settings or use the Control Panel. However, the specific steps for uninstalling a KEK update are not detailed in the provided context. It is recommended to check the Windows Update settings or consult the relevant Microsoft documentation for guidance on managing updates related to Secure Boot and KEK.

    If the update is causing issues, you may also consider disabling Secure Boot temporarily to see if that resolves the browser redirection problem, but be cautious as this can affect system security.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.