FirmWatchFirmWatch
MotherboardsLaptopsMonitorsRoutersSSDs
BlogFind a Device
FirmWatch

Get notified when new firmware is released for your laptops, motherboards, monitors, routers, SSDs, and more. Free email alerts with download links and changelogs.

Categories

  • Motherboards
  • Laptops
  • Monitors
  • Routers
  • SSDs

Resources

  • Firmware Blog
  • About
  • FAQ

Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy

Contact

  • contact@firmwatch.io

© 2026 Kulander Labs. All rights reserved.

  1. Home
  2. Blog
  3. Firmware Security Roundup: What Manufacturers Patched in Early July 2026
securityJuly 11, 2026· 6 min read

Firmware Security Roundup: What Manufacturers Patched in Early July 2026

This is the first of our monthly security roundups — a look at what actually shipped, drawn directly from the release data FirmWatch collects across the 2,200+ devices we monitor. Between June 25 and July 10 we logged 56 firmware releases, and a striking share of them carry security payloads. Here is what matters and who should update.

The headline: Secure Boot's certificate rollover reaches laptop BIOSes

The most consequential release of the fortnight is easy to overlook. Acer's TravelMate P2 TMP215-54 received BIOS 1.29 on July 10 with a one-line changelog: the BIOS now contains the new Microsoft 2023 Secure Boot certificates.

That single line is part of the largest coordinated firmware operation in years. The certificate authorities that Windows Secure Boot has relied on since 2011 began expiring in June 2026, and every PC that wants to keep receiving signed boot components needs its firmware to trust Microsoft's 2023 certificates. Manufacturers are rolling this out model by model through BIOS updates exactly like this one. If your machine's firmware never gets the new certificates, Secure Boot updates eventually stop validating — so when a BIOS update mentions "2023 Secure Boot certificates," treat it as more important than its modest changelog suggests. Expect to see this line appear across many more devices we track in the coming months; we will flag them as they land.

MikroTik patches a service security issue across its entire lineup

On July 3, MikroTik shipped RouterOS 7.23.2 (stable) with an unusually direct changelog admission: "fixed a service security issue, home user with default config not affected, but we recommend the upgrade for all users regardless." The long-term branch received 7.21.5 the same day.

In our tracker the update landed simultaneously on ten devices, including the hEX S, hEX, hEX PoE, hAP, hAP lite, cAP, wAP R, KNOT and mAP lite. Routers are the devices most worth patching promptly — they sit on the network edge, exposed around the clock. If you run RouterOS anywhere, this is the update to make time for.

Intel platforms: microcode 0x122 and a Gigabyte Z790 wave

ASRock updated its Z890 range to BIOS 3.31 on July 9 — Z890 Pro RS, Pro RS WiFi, Pro RS WiFi White and Pro-A WiFi — bundling Intel microcode 0x122 and a Management Engine update to 19.0.11.2289. Changelogs like these rarely name CVEs, but microcode and ME updates are precisely the mechanism through which Intel platform vulnerabilities get fixed; boards that never receive them stay exposed.

A week earlier, on June 30, Gigabyte refreshed eight Z790 boards in one sweep — among them the Z790 Gaming X AX (F16), Z790 AORUS Master (F19) and Z790 AORUS Elite AX — each citing improved system security and stability. Coordinated multi-board waves like this usually track a shared platform-level fix.

AMD boards: five-year-old B550 still getting security attention

ASUS pushed BIOS 4201 to its AM4-era B550 boards — the Prime B550M-K and ROG Strix B550-I Gaming — on July 8–9, citing stability, security and compatibility work. It is genuinely good news when a chipset generation launched in 2020 keeps receiving security updates; both boards now count 25+ tracked releases in their update track records.

On AM5, ASRock rolled BIOS 4.43 across its B650 and B850 boards — including the B650M Pro RS, B650 Pro RS WiFi and B850M Pro-A WiFi — in the same July 7–9 window.

Also worth noting

  • TP-Link Archer BE805 1.5.1 enhances system security and fixes a bug where the Quad9 DNS-over-HTTPS server did not work correctly — relevant if you route your DNS through Quad9 for privacy.
  • Dell shipped BIOS updates for the Latitude 5410 (1.41.0) and Latitude 9410 2-in-1 (1.42.0) — business laptops where staying current is usually company policy for a reason.
  • Not security, but notable: MSI's MPG Z890 Carbon WiFi got overclocking and memory-compatibility improvements, and the BenQ MOBIUZ EX271U fixed a KVM bug in firmware V4.

How to act on this

Every device page linked above shows the full version history, security-flagged releases and an update track record computed from our data — so you can judge in seconds whether your hardware is actively maintained. If any of these devices sit in your home or fleet, subscribe on the device page and the next security release will land in your inbox the day we detect it, instead of in next month's roundup.

← Previous

Firmware Recovery: What to Do When an Update Goes Wrong

View All Articles