Hi @Art_OldDude_2,

Welcome to the HP Support Community.

Thank you for posting your query.

I am sorry to hear that seems like you are encountering an error related to Secure Boot certificates on your HP Pavilion 590-p0050, indicating that while a BIOS update has been applied, the updated Secure Boot certificates have not yet been implemented. I would request you to please follow the steps:

Access BIOS Settings:

• Restart your computer and enter the BIOS setup. 
• This is typically done by pressing the "Esc" or "F10" key repeatedly as the computer starts up.

Check Secure Boot Configuration:

• Once in the BIOS, navigate to the "Boot" or "Security" tab.
• Ensure that Secure Boot is enabled. If it's not, enable it to ensure the system's security integrity.

Clear TPM Errors

• Open Windows Security → Device Security → Security processor details.
• Select Clear TPM (this resets TPM keys but does not affect data).
• Restart and check Event Viewer again.

Update via HP Support:

• Go to the HP Customer Support website and check for any specific updates related to Secure Boot certificates under your product’s support page.

Take care and have an amazing day!

Did we resolve the issue? If yes, please consider marking this post as "Accepted Solution" and click "Yes" to give us a helpful vote - your feedback keeps us going!

Regards

Pallipurath.

Hi @Art_OldDude_2,

Thank you for responding.

I’m glad to hear that the issue has been resolved. If you experience any further difficulties, please don’t hesitate to contact us. We’ll be more than happy to assist you and ensure everything continues to work smoothly.

Take care and have an amazing day!

Did we resolve the issue? If yes, please consider marking this post as "Accepted Solution" and click "Yes" to give us a helpful vote - your feedback keeps us going!

Regards

Pallipurath.

What about those of us not computer savvy? When will HP or Microsoft help us?

The big issue is HP is not providing a BIOS update for the affected hardware that is running Windows 11.  For instance, I am running this old HP Pavillion 500 series.   If you go to this Microsoft knowledge base:  Windows Secure Boot certificate expiration and CA updates - Microsoft Support   and look at the last item on the left side of the list.   It takes to you your OEM Manufacturer.   In our case. that is HP support.    When you go to HP, they ask for your unit serial number and takes you to a download page if there is a BIOS update available to install to solve this problem.   Your hardware might be supported and then you'll get the updated Keys with a new BIOS update.   When I went there, I found that my hardware didn't list any Windows 11 Driver and BIOS updates, only Windows 10 was supported.   My equipment is not supported any longer by HP to run Windows 11 updated versions.   Since Windows 10 OS is at the end of support, for folks like me that can't afford a new PC right now, we might be stuck.   The BIOS in my Desktop came out in 2023.   It was designed to run on Windows 10 and there are no Windows 11 drivers listed.   When I upgraded to Windows 11 25H2, I had to use the drivers for Windows 10.    However, Microsoft allowed the free update to Windows 11 home in Windows Updates, when it was first available before 2023   At the time most Windows 10 Drivers worked in Windows 11.  However, since that time things have changed.    I'm not even sure that the procedure above will fix the whole issue since the Crypto and TPM in my system are using the 2023 BIOS update, and this issue is affecting systems needing the rekeyed before the Jun 2026 deadline.   Reading the article for home users, it says the OEM would supply BIOS and updates to fix the problem.   HP not providing driver or BIOS support is basically saying you are needing new hardware, because HP isn't supporting you even if the hardware you are running has Windows 11, using Windows 10 Drivers and BIOS releases.    The article does provide info on the various hardware going back to systems older than 2017 and that supported systems would receive the update.   However, based on my PC generating the Event 1801 Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware after the 25H2 update means that I had to find a solution to force the Keys to be saved and updated in BIOS.   That's where the article and help from the Eleven Forum guys and using PowerShell to manually apply the Key updates is the only thing I could find to address the issue.   

That is my exact problem with a TP01-0066. HP needs to provide an update for those of us who upgraded to Windows 11. That update needs to be provided before the deadline. HP is forcing us to buy a new desktop for no technical reason as far as hardware limitations. Someone in corporate HP needs to give us answers. Their website is useless and we should not have to jump through hoops to be safe after June.

Great question - the answer is prob. never.