Desktop Hardware and Upgrade Questions

In June '26 certificates pertaining to Secure Boot expire, ref: CVE-2023-24932.

To make sure this doesn't affect my HP desktops I started looking at updating the BIOS/firmware.

After following Microsoft documentation on a test machine I came across a problem where I was unable to complete the mitigation guidelines.

I added the regkey that permits the updated certificate definitions and executed the associated ScheduledTask for the Secure Boot Update, which is followed by a check to see if the DB was updated, but it didn't work. Without the updated DB I'm unable to complete the next task, which is to install the "Windows UEFI CA 2023" signed boot manager.

When the ScheduledTask attempts to run I get the following error in Event Viewer: "1795 - The system firmware returned an error Unspecified error when attempting to update a Secure Boot variable"

From my investigation, I believe my systems still require a BIOS/firmware update that supports the new certificates.

I'd already applied the latest BIOS/firmware, so my question to HP is... are ProDesk G4, G5 and G6 machines in line for an update any time soon, or are they up to date and there's some other issue?

My machines have the latest Windows security updates applied.

Test machine BIOS version: Q50 v01.08.07

Ta,

Steve