ΛRIΞN👨‍💻 de Groot

BlueSky 🦋 @ariendg bsky.app/profile/ariend… #followmethere?

Manual Update of the Secure Boot Platform Key in Virtual Machines Virtual machines that do not have a valid Platform Key (PK) fail to complete automated updates to Secure Boot databases, including KEK. knowledge.broadcom.com/external/artic… #Broadcom #VMware #SecureBoot #Certificates #WinServ

New blog post: Secure Boot Rollout Scripts added in May 2026 Security Update - The generated dashboard is not half-bad :) deploymentresearch.com/secure-boot-ro…

GitHub - Scholdan/vmware-secureboot-pk-update: #PowerCLI automation for #VMware Secure Boot PK enrollment with HID firmware navigation, snapshot-safe rollback, and cleanup. github.com/Scholdan/vmwar… #Automation #SercureBoot

Ever looked inside C:\Windows\System32\SecureBootUpdates? 11 files. This is where Windows stores every binary payload the scheduled task uses to write certificates to your firmware. Each file maps to a specific bit in the AvailableUpdates registry bitmask. The 83MB cabinet file at the top is Microsoft's device confidence database with 1.5 million device records that determines which devices get auto-deployed and which need manual triggering. If this folder is empty or missing on a device, certificate deployment cannot work regardless of what registry value you set. Check your machines. Register here: docs.kaidojarvemets.com/training/secur… #SecureBoot #UEFI #Windows #CyberSecurity #Firmware

Windows Server won't get Secure Boot certificates via Windows Update. So administrators should prepare for manual certificate updates an Windows Server till End of May 2026. borncity.com/win/2026/03/04…

Secure Boot certificate updates aren’t automatic for Windows Server. Read up on what’s changing and how to proactively update your environment before certificates expire: msft.it/6013vrdb7

🔥 Two new Windows zero-days expose a BitLocker bypass in WinRE and a CTFMON privilege escalation issue. YellowKey affects Windows 11 and Server 2022/2025; GreenPlasma could enable abuse of SYSTEM-writable paths. Full story: thehackernews.com/2026/05/window…

I just reverse engineered the YellowKey BitLocker bypass Microsoft shipped code that checks for a flag called "FailRelock" in every Windows 11 recovery image. When it's set to 1, after recovery unlocks your BitLocker drive, it never relocks it. All you need is a USB stick. This code only exists in the recovery environment. Not in normal Windows. They left an entire debug testing framework in production.

@manelrodero @thurrott @StevenKister1 @kaidja Btw, I am working here on Windows 11 Enterprise edition. Playing with this Enablement x.com/ariendg/status…

@ariendg @thurrott @StevenKister1 @kaidja And on a computer that does not have the key to not hide the Secure Boot information, the following appears:

Per @thurrott, Microsoft created yet another Secure Boot Manager article: support.microsoft.com/en-us/topic/it…

@manelrodero @thurrott @StevenKister1 Microsoft Windows [Version 10.0.26200.8246]

@manelrodero @thurrott @StevenKister1 I see no changes in the Windows Security Settings App - Device Security after adding the Value and Data for HideSecureBootStates I did reboot afterwards

Did you see PowerToys has a new utility to make it easier to move windows? You just need to hold ALT or the Windows key and you can drag anywhere on the window to move it aka.ms/PowerToys

Original publish date: April 2, 2026

support.microsoft.com/en-us/topic/it… The new Secure Boot certificate update indicators are disabled by default on these devices. It's assumed that, IT admins likely to manage Secure Boot certificate updates centrally rather than relying on perdevice userfacing notifications and text. #Windows

🚨 A new UNPATCHED Linux kernel “Dirty Frag” LPE flaw enables root access on Ubuntu, RHEL, Fedora and other distributions. Researchers released a working proof-of-concept exploit capable of gaining root in a single command. Details here: thehackernews.com/2026/05/linux-…

Microsoft confirms millions of PCs will not receive critical new Secure Boot certificates. forbes.com/sites/zakdoffm…

Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them.

⚠️ Microsoft Edge Stores All Saved Passwords in Cleartext Process Memory at Launch Source: cybersecuritynews.com/microsoft-edge… Microsoft Edge decrypts every stored password into process memory the moment the browser launches and keeps them there as cleartext, regardless of whether the user ever visits those sites. A researcher who systematically tested every major Chromium-based browser for credential memory handling behavior. Edge was the only browser that exhibited this behavior, loading the entire password vault into plaintext process memory at startup and retaining it for the duration of the session. In a published proof-of-concept video accompanying the disclosure, a compromised administrator account was used to successfully extract stored credentials. #cybersecuritynews