**Upgrade Now: Microsoft Issues Security Warning to Those Still on Windows 10**

Microsoft has issued a stern warning to users still running on Windows 10, highlighting the growing vulnerability of devices as software certificates for Secure Boot are set to expire in June. This feature, introduced in 2011 with Windows 8, ensures that only trusted software runs during the boot process, preventing potential "pre-boot malware" threats.

The problem lies in the fact that all Windows-based devices have carried the same set of Microsoft certificates, which are due for expiration. While the company has been warning businesses about this issue, it's now turning its attention to consumers who may be unaware of the impending threat.

For users running on Windows 11, the update will be rolled out through monthly Windows updates with "no additional action required." PC manufacturers have also begun provisioning updated certificates on new devices and many newer PCs built since 2024 already include the necessary certificates, requiring no further action from customers.

However, millions of consumers continue to use Windows 10, which officially lost support last year. As a result, Microsoft is no longer distributing new updates or security patches for the OS, leaving it more vulnerable to malware and other hacking threats.

The good news is that Microsoft offers a free way for Windows 10 users to receive security patches through Oct. 13, 2026 via its "Extended Security Updates" program. If your Windows 10 machine is enrolled in this program, you can expect to receive new software certificates for Secure Boot.

But if not, your computer will miss out on the update and enter a degraded security state that limits its ability to receive future boot-level protections. This means an unsupported Windows PC could become vulnerable to malware capable of infecting components on a firmware level, potentially surviving OS reinstalls.

"As new boot-level vulnerabilities are discovered, affected systems become increasingly exposed because they can no longer install new mitigations," Microsoft warns. "Over time, this may also lead to compatibility issues, as newer operating systems, firmware, hardware, or Secure Boot–dependent software may fail to load."

Many older Windows 10 PCs face a security conundrum: either pay for new hardware or register for the ESU program to keep their Windows installation secure. This has led to a lingering presence of Windows 10 on the desktop market, holding a 35.77% share compared to Window 11's 62.4%, according to Statcounter.

Users can mitigate the threat by installing third-party antivirus onto an unsupported Windows 10 PC. In the meantime, Microsoft plans to make the Secure Boot certificate update status available in the built-in Windows Security App "to help consumers track the certificate updates more closely."

Microsoft advises users to check for the latest monthly Windows updates and ensure they have the latest firmware updates from their OEM (PC manufacturer) support pages. A separate firmware update may be required for some devices before the new Secure Boot certificates can be applied.

The company has made it clear that the time to upgrade is now, especially with millions of users still on Windows 10. With a looming deadline and an increasing threat landscape, it's essential for those running outdated OS versions to take action and safeguard their devices against potential security risks.