Share via

Device Security - Secure Boot

IvoMI 0 Reputation points
2026-06-17T07:25:12.6866667+00:00

Windows Security has displayed the following:

Secure Boot is on, but your device does not support the automated Secure Boot certificate update due to hardware or firmware limitations. Contact your device manufacturer for assistance.

I have a Dell XPS 8930 with Windows 11 and I have contacted Dell. In the meantime, is there anything that I could/should do?

Regards,

IvoMI

Windows for home | Windows 11 | Security and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. DaveM121 891K Reputation points Independent Advisor
    2026-06-17T08:00:25.0966667+00:00

    You cannot manually update the Secure Boot Certificates yourself, that will be applied by Windows udpates automatically, Microsoft have only really started releasing the updates in the June updates and they indicate they will continue to release the certificate updates over the next few months.

    In the meantime, go to the support page for your PC on the Dell website, to ensure you have installed all available BIOS and Firmware updates

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments

  2. AI answer

    2026-06-17T07:25:23.1533333+00:00

    The message indicates that Secure Boot is enabled, but the device’s firmware cannot receive the new Secure Boot certificate updates automatically. These certificates, originally issued in 2011, start expiring in June 2026, and Microsoft is updating them to ensure devices continue to verify trusted boot software.

    On supported systems, the update is delivered through normal Windows Update as long as:

    1. The device is running a supported version of Windows 10 or Windows 11.
    2. Windows Update is not paused.
    3. Secure Boot is enabled.

    If Secure Boot is enabled but the device does not support automated certificate updates, the only additional step recommended is to work with the device manufacturer (Dell) for firmware/BIOS updates or guidance, as the limitation is in hardware/firmware, not in Windows. There is no extra configuration in Windows that can override that limitation.

    In the meantime:

    1. Ensure the device is fully updated via Windows Update and that updates are not paused.
    2. Confirm Secure Boot is indeed on:
      • Press Windows + R, type msinfo32, press Enter.
      • In System Information, verify Secure Boot State shows On.
    3. Monitor Dell’s support site or tools for BIOS/firmware updates that may add support for the new Secure Boot configuration.

    If Dell later provides updated firmware that supports the new certificates, install that update and keep Windows Update enabled so the Secure Boot certificate updates can be applied when available.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

    1 person found this answer helpful.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.