← Back
Updated Secure Boot status report in Windows Autopatch
MC1315905 · build prod-20251231-200323
Category
stayInformed
Severity
normal
Major change
True
Last modified
2026-05-19 17:01:37
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
Action by (AI)
Services
Windows
Tags
Admin impact
Master tags
Admin, Security
Roadmap IDs

One-line summary

Windows Autopatch Secure Boot status report now offers detailed device-level insights, confidence levels, alerts, and certificate reporting for improved certificate rollout decisions.

Similar updates

More like this
MC1106737 Get started with June 2025 improvements in Windows 11
How this will affect your organization:   You can start seeing improvements across various workflows in your organization with:  Hotpatching for Windows Server 2025  Configuring role-based access control (RBAC) in Windows Autopatch  New secure by default capabilities for Windows 365 Cloud PCs  Preparation for expiration of Secure Boot certificates.
MC1139443 Secure Boot certificate expiration: What Windows IT admins need to know now
Secure Boot certificate expiration: What Windows IT admins need to know now Microsoft is updating Secure Boot certificates before current ones expire in 2026; IT admins must ensure systems accept new certificates to maintain security and updates. Secure Boot protects Windows s... This post outlines what enterprise IT admins need to know and do..
MC1104112 (Updated) Act now: Secure Boot certificates expire in June 2026
(Updated) Act now: Secure Boot certificates expire in June 2026 Microsoft will roll out updated Secure Boot certificates for Windows systems; current certificates start expiring June 2026, requiring firmware and policy updates to maintain security. Updated July 8, 2025: survey link changed In the coming months, Microsoft will be rolling out.
MC1185931 Secure Boot playbook for certificates expiring in 2026
Secure Boot playbook for certificates expiring in 2026 Secure Boot certificates on many Windows devices will expire in June 2026; admins should monitor, prepare, and update certificates to ensure continued protection. Additional information: Bookmark https://aka.ms/GetSecureBoot for more information about this change, detailed guidance for.
MC1173103 Secure Boot certificate deployment guide and tools
Secure Boot certificate deployment guide and tools Update expiring Secure Boot certificates to 2023 CAs using new guides and tools; 2011 CAs start expiring June 2026, with 2023 CAs rolling out via Windows updates from October 2025. Use the newly published guide and tools to start updating your organization’s expiring Secure Boot certificates. As.
MC1192178 New Windows Autopatch reports on CVEs
New Windows Autopatch reports on CVEs A new Windows Autopatch CVEs report in Intune helps track remediated vulnerabilities, device risk status, and links to remediation steps for improved security management. A new Windows Autopatch report empowers your organization to prioritize update deployment, demonstrate compliance, and maintain a.

Details

Body (from Message Center)

The Secure Boot status report in Windows Autopatch has been updated to offer deeper, device-level insights into Secure Boot certificate status, trust configuration, and readiness. New insights—such as confidence level, alerts, and detailed certificate reporting—can help you make more informed, targeted decisions about rolling out and monitoring certificate updates.
 
When will this happen:
These updates are now live in Windows Autopatch.
 
What you need to do to prepare:
No immediate action is required. We recommend reviewing the updated report in the Intune admin center and using the new signals to guide your Secure Boot certificate rollout strategy. They can also help you identify devices that need updates and plan targeted remediations.
 
Additional information:
You can learn more about the Secure Boot status report by consulting the Windows Autopatch documentation. For continued guidance and updates on Secure Boot in general, we recommend that you bookmark aka.ms/GetSecureBoot

Raw JSON (for debugging)

Expand/collapse the full payload below.
Show/hide raw 
{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": null,
    "ai_actions": [
      "Review updated Secure Boot report in Intune",
      "Use new insights for certificate rollout planning"
    ],
    "ai_master_tags": [
      "Admin",
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "Windows Autopatch Secure Boot status report now offers detailed device-level insights, confidence levels, alerts, and certificate reporting for improved certificate rollout decisions.",
    "ai_topics": [
      "Windows",
      "Intune"
    ],
    "category": "stayInformed",
    "details_map": {},
    "id": "MC1315905",
    "importance": 3,
    "is_major_change": true,
    "last_modified": "2026-05-19T17:01:37Z",
    "ms_products": [
      "Windows"
    ],
    "platforms": null,
    "roadmap_ids": [],
    "services": [
      "Windows"
    ],
    "severity": "normal",
    "tags": [
      "Admin impact"
    ],
    "title": "Updated Secure Boot status report in Windows Autopatch"
  }
}