Microsoft has confirmed reports that Windows 10 is losing system and user certificates when computer owners upgrade to a newer version of the operating system. 

User reports emerged a week ago about the forgotten-certificate glitch that happens upgrading to a higher Windows 10 build, as reported by Borncity at the time. Users report the certificates being lost when upgrading to multiple versions of Windows 10. 

Microsoft has now confirmed that system and user certificates might be lost when upgrading from Windows 10 version 1809 to a later version. 

However, the company notes there are several preconditions for the lost-certificate issue to manifest itself when upgrading.  

“Devices will only be impacted if they have already installed any latest cumulative update (LCU) released September 16, 2020 or later and then proceed to update to a later version of Windows 10 from media or an installation source which does not have an LCU released October 13, 2020 or later integrated,” Microsoft explains. 

The LCU refers to the non-optional security update that Microsoft releases the second Tuesday of each month, aka Patch Tuesday. 

As one user on Reddit noted, losing user or system certificates in Windows is a real problem, especially now because of working from home requirements during the pandemic. Most VPNs rely on these digital certificates to function.   

The forgotten-certificate issue happens mostly when managed devices are updated using “outdated bundles or media through an update management tool such as Windows Server Update Services (WSUS) or Microsoft Endpoint Configuration Manager.”

However, it might also happen “when using outdated physical media or ISO images that do not have the latest updates integrated”. 

The impact should be fairly narrow since the issues doesn’t affect devices that connect directly to Windows Update or devices that use Windows Update for Business. 

Microsoft is working on a fix and will provide updated bundles and refreshed media in the coming weeks. 

However, the company does offer a workaround, which involves rolling back to the previous version of Windows within the 10- to 30- day uninstall period. 

Affected Windows 10 versions include versions 20H2, 2004, 1909, and 1903, as well as their corresponding Server versions.