You can verify if the new Windows UEFI CA 2023 certificate has been successfully applied using either the Windows Security app or a quick PowerShell command. [1, 2]
Method 1: Use the Windows Security App (easiest) [1]
Starting in April 2026, Microsoft updated the Windows Security App to show this status directly:[1, 2, 3, 4]
- Open Start, search for Windows Security, and open it.
- Select Device security from the left-hand menu.
- Look under Secure Boot for a status badge:
Method 2: Use a PowerShell Command [1]
For a more technical confirmation, you can check the UEFI database for the specific 2023 certificate entry: [1, 2, 3]
- Right-click the Start button and select Terminal (Admin) or PowerShell (Admin).
- Copy and paste the following command, then press Enter:
([System.Text.Encoding]::ASCII.GetString((Get-SecureBootUEFI db).bytes) -match 'Windows UEFI CA 2023') - The Result:
What if it says "False"?
If you see "False" or a yellow badge, ensure you have installed all pending updates in Settings > Windows Update. Because this rollout is phased, some devices may not receive the final certificate write until a later cumulative update or a specific OEM firmware update is released for your hardware. [1, 3, 4]
Are you seeing a Yellow or Red badge on your device, or did the command return False?
No comments:
Post a Comment