According to Linux Weekly News, a critical Microsoft Secure Boot certificate is set to expire this September. Since twenty eleven, this certificate has signed the shim — the bootloader that lets Linux distributions boot with Secure Boot enabled on most systems. Microsoft has a replacement key from twenty twenty-three standing by, but here's the problem: most system firmware databases don't have it yet. Vendors will need to push firmware updates before the deadline, or new Linux installations won't boot on those machines. The good news: already-installed Linux systems are safe, because they use their own bootloader keys. The real impact is on fresh installations. Users can grab firmware updates from the Linux Vendor Firmware Service using the fwupd tool before September. It's mainly a coordination effort between vendors and users, but worth paying attention to.

Listen to this story

Hear this and more stories in a personalized audio briefing.

Open The Chonkerton