Windows Boot Manager not updated

Copper Contributor

KB5025885 outlines how to update Windows Boot Manager, but build 26257 still has a Windows Boot Manager that is signed with the old "PCA 2011" certificate.

 

The manual processes in KB5025885 are a real pain (and don't scale) so it would be very annoying if this is not fixed before RTM.

 

https://support.microsoft.com/en-us/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocatio...

2 Replies

Second this. My hope and humble expectation is that an in-place upgrade to build 26100 will care to fix the certificate for secure boot and also closing the WinRE security issue by a suitable resized and recreated WinRE Partition when upgrading WS 2012 R2 through 2022 to WS 2022.

 

Is this something you would like to consider with a dynamic update for setup? 

Still not fixed in 26280.