Timebombs are a piece of code that that triggers after a certain amount of time and causes disruption. Microsoft has a timebomb in Windows 10 that they refuse to fix that will trigger in July 2026 and prevent you accessing your data if you have not enrolled your computer into their Extended Service Updates (ESU) programme.
What is this timebomb?
Windows uses a key and certificate to encrypt a hard drive. The key is usually stored in the Microsoft account and the certificate is stored in the UEFI (Unified Extensible Firmware Interface) that is a small program that manages the computer before Windows starts up.
It is the UEFI certificate that expires in July 2026.
Computers that have enrolled into the Extended Service Updates programme get an update that fixes this problem by adding the new version of the certificate so that the drive will be able to be decrypted on the fly after July 2026 but those which aren’t enrolled won’t receive the update.
What can I do to fix this?
The simplest solution is to enrol in the Extended Services Updates programme which can be found under Settings > Update & Security > Windows Update
Note that the Extended Service Updates programme comes to an end in October 2026.
Which versions of Windows 10 does this affect?
This problem affects Windows 10 Home, Pro and Enterprise that have not been enrolled in the Extended Service Updates programme.
This does not affect LTSB or LTSC versions of Windows 10 as they are currently supported for regular updates.
This also does not affect Windows 11.