Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.


Windows updates released on and after February 13, 2024 include the ability to apply the Windows UEFI CA 2023 certificate to UEFI Secure Boot Allowed Signature Database (DB). Updating the DB will enable devices to receive future boot loader updates that are included in monthly updates.

This is important because the existing certificate will expire and moving to the new certificate is the first step in preparing devices to work with upcoming boot loader updates that will be cryptographically signed by using the new certificate.

Updates to the DB are known to have compatibility issues with some devices. To ease the rollout to Windows devices, the update to the DB does not apply automatically. For enterprise environments, it is important to have a controlled rollout of the update after careful validation with representative devices present in the environment to avoid any disruption.

For a detailed explanation, please see Updating Microsoft Secure Boot Keys.

Take Action

Deploy the DB update to representative sample test devices by following the deployment guidance provided in Updating Microsoft Secure Boot Keys.

After a test device successfully updates the DB, it should be safe to roll out the DB update to devices with the same hardware and firmware configuration. You can do this by setting the following registry key by using deployment software such as Group Policy or mobile device management (MDM):

Registry path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot

Name: AvailableUpdates

Value: 0x40

After the device has restarted, the DB should be updated. In some cases, a second restart may be required.

Known issues


Next step

ARM64-based devices are currently blocked from applying the DB update.

Microsoft is working with OEM device vendors to update their firmware to address an issue with ARM64-based firmware.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!