FTR this will also affect the secure booting of Linux, as (inexplicably) all the Linux distros agreed to let Microsoft be the signing authority for UEFI booting of Linux too. (Linux “shim” updates are signed with the Microsoft Third Party CA, it also expires in 2026.)
It looks like Microsoft are extremely keen that only Windows updated the UEFI keys (so they can predictively resign the bitlocker key). And there’s lots of “OEM must push Firmware” cases, so end of support devices may be… stuck.
=> More informations about this toot | View the thread | More toots from ewenmcneill@cloudisland.nz
text/geminiThis content has been proxied by September (ba2dc).