Stone Computers Knowledgebase Stone Computers Knowledgebase
Knowledgebase
News
Downloads
Driver Finder
Support
...
Home / Third Party Products / Windows Server / Windows 2023 UEFI Certificate Authority Firmware Update Nudge (FUN)...

Windows 2023 UEFI Certificate Authority Firmware Update Nudge (FUN) Utility

Article ID: 982
Last updated: 12 Mar, 2026
Article ID: 982
Last updated: 12 Mar, 2026
Revision: 6
Access: Public
Views: 19
Posted: 12 Mar, 2026
by Andrew Sharrad
Updated: 12 Mar, 2026
by Andrew Sharrad

Windows 2023 UEFI Certificate Authority Firmware Update Nudge (FUN) Utility

The UEFI FUN Utility attached will help drive Windows forward in making changes to the system firmware including certificate databases.

It will also log actions and the current state of the system.

Switches:

  • -Report Only
    • Log system details in the Windows Application Log
  • -Silent
    • No console window.
    • Log system details and actions in the Windows Application Log
  • -Verbose
    • Log additional system details in the Windows Application Log

This utility has been tested on:

  • Windows 11 25H2
  • Windows Server 2022
  • Windows Server 2025

Actions

Depending on the system state the utility may:

  • Set the registry value of HKLM:\SYSTEM\CurrentControlSet\Control\SecureBoot > AvailableUpdates to 0x5944
  • Run the scheduled task \Microsoft\Windows\PI\Secure-Boot-Update. This scheduled task usuall runs every 12 hours by default

Most systems will need 1-3 reboots to completely finish the update process. FUN will not reboot the system.

Pre-Requisites

  • Windows has the May 2025 cumulative updates installed or later
  • UEFI boot is enabled without CSM (FUN checks for this and reports back
  • Secureboot is Enabled (FUN checks for this and reports back)
  • FUN needs to be run with Administrative rights

Event Log Outputs

User Actions Required
Secure Boot Not Enabled (Enable UEFI Boot, Disable CSM, Enable Secure Boot) 5010
Secure-Boot-Update Scheduled task is not installed 5011
Secure-Boot-Update Scheduled task is currently running, run FUN again after 5 minutes 5021
System state undetermined. Run FUN again after 5 minutes 5031
RestartRequiredForVSMBFSVCAI Reboot Required 5041
RestartRequiredForVSM Reboot Required 5042
RestartRequiredForVSMBFSVCAI and RestartRequiredForVSM Reboot Required 5043
Nudge Status
No further action required 5000
Nudged with Registry and Scheduled Task 5050
Nudged with Scheduled Task 5051
Nudged disabled but needed 5052

Note: Before deploying this utility, test it on a sample of different computers/servers/virtual machines first for any unexpected adverse effects

Applies to:

  • All products running Microsoft Windows
This article was:  
Article ID: 982
Last updated: 12 Mar, 2026
Revision: 6
Access: Public
Views: 19
Posted: 12 Mar, 2026 by Andrew Sharrad
Updated: 12 Mar, 2026 by Andrew Sharrad
Attached files

Prev
Next
« Windows Server
Frequently Asked Questions (FAQ) »