Windows 10 bug: Certificates lost after feature upgrade? We're working on fix, says Microsoft

Microsoft confirms that upgrading to a newer version of Windows 10 sometimes results in lost certificates.

Securing Windows 10 PCs: What to watch out for

Microsoft has confirmed reports that Windows 10 is losing system and user certificates when computer owners upgrade to a newer version of the operating system. 

User reports emerged a week ago about the forgotten-certificate glitch that happens upgrading to a higher Windows 10 build, as reported by Borncity at the time. Users report the certificates being lost when upgrading to multiple versions of Windows 10. 

Microsoft has now confirmed that system and user certificates might be lost when upgrading from Windows 10 version 1809 to a later version. 

SEE: Windows 10 Start menu hacks (TechRepublic Premium)

However, the company notes there are several preconditions for the lost-certificate issue to manifest itself when upgrading.  

"Devices will only be impacted if they have already installed any latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated," Microsoft explains. 

The LCU refers to the non-optional security update that Microsoft releases the second Tuesday of each month, aka Patch Tuesday. 

As one user on Reddit noted, losing user or system certificates in Windows is a real problem, especially now because of working from home requirements during the pandemic. Most VPNs rely on these digital certificates to function.   

The forgotten-certificate issue happens mostly when managed devices are updated using "outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager".

However, it might also happen "when using outdated physical media or ISO images that do not have the latest updates integrated". 

The impact should be fairly narrow since the issues doesn't affect devices that connect directly to Windows Update or devices that use Windows Update for Business. 

Microsoft is working on a fix and will provide updated bundles and refreshed media in the coming weeks. 

SEE: Microsoft is planning a big refresh to the Windows 10 UI with 'Sun Valley' in 21H2: Report

However, the company does offer a workaround, which involves rolling back to the previous version of Windows within the 10- to 30-day uninstall period. 

Affected Windows 10 versions include versions 20H2, 2004, 1909, and 1903, as well as their corresponding Server versions.