Certificate issues still continue during March Patch Tuesday

Reading time icon 3 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

Key notes

  • Those of you running the latest versions of Windows 10 have probably already seen the update notification.
  • If you do decide to install this update, know that it still hasn't fixed the loss of certificate issue.
  • Unfortunately, this issue doesn't have a workaround, so not updating is also an option.
  • Read more details about the update and decide whether to go for it or not.
KB5000802 KB5000808

Windows 10 is the best Windows OS for a reason, and that is the frequent updates that it benefits from, regardless of the version that you are running.

These updates can be more or less significant, with the most important of them being the monthly Patch Tuesday updates.

Speaking of which, the March Patch Tuesday updates are here, and they bring a whole world of changes to the Windows OS, although not all versions of Windows 10 receive the same treatment.

However there are times when some issues persists throughout updates, such as the certificates issues from Windows 10 v20H2/v2004, and Windows 10 v1903/v1909.


Loss of certificates still present even after this month’s updates

All the way back in January 2021, Microsoft reported that their cumulative updates for Windows 10 v20H2/v2004, and Windows 10 v1903/v1909. were plagued by an issue that could lead to a loss of certificates:

System and user certificates might be lost when updating a device from Windows 10, version 1809 or later to a later version of Windows 10.

Devices will only be impacted if they have already installed any Latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated.

This primarily happens when managed devices are updated using outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager.

This might also happen when using outdated physical media or ISO images that do not have the latest updates integrated.

Note Devices using Windows Update for Business or that connect directly to Windows Update are not impacted. Any device connecting to Windows Update should always receive the latest versions of the feature update, including the latest LCU, without any extra steps.

Unfortunately, 2 month’s worth of updates was not enough for Microsoft to patch this issue up for good. More so, they failed to provide a workaround for the issue as well, so users are left to update on their own risk.


That being said, it is up to you whether you update your PC with the latest cumulative update or not.

If you decide on the latter, you could always try postponing the Windows Update process of your PC for up to 35 days, although that isn’t something that we recommend, strictly for security reasons.

For example, not updating your Windows 10 PC leaves you vulnerable to Exploit Wednesday or Uninstall Thursday.

More so, there’s also the fact that this month alone 97 CVEs were discovered in Microsoft and Adobe products, so if you use a lot of them, there’s a high chance that your system may by at risk as well.

Will you update your PC now that you know what the cons of the cumulative update are?

If not, let us know what you will do instead by leaving a comment in the section below.

More about the topics: patch tuesday, windows 10 updates

User forum

1 messages