Windows update makes dual booting with Linux impossible



On August 14, 2024, Microsoft released

a Windows Update that delivers security updates and bug fixes. It has been reported that this update has caused devices configured to run both Windows and Linux to be unable to boot.

Microsoft breaks some Linux dual-boots in a recent Windows update | GamingOnLinux
https://www.gamingonlinux.com/2024/08/microsoft-breaks-some-linux-dual-boots-in-a-recent-windows-update/



An update made to fix a vulnerability broke dual-boot Windows-Linux PCs - Neowin
https://www.neowin.net/news/an-update-made-to-fix-a-vulnerability-broke-dual-boot-windows-linux-pcs/

Microsoft update breaks dual-boot systems running Linux and Windows | Windows Central
https://www.windowscentral.com/software-apps/windows-11/microsoft-breaks-dual-boot-windows-and-linux-pcs-with-security-update-sent-to-wrong-systems

“Something has gone seriously wrong,” dual-boot systems warn after Microsoft update | Ars Technica
https://arstechnica.com/security/2024/08/a-patch-microsoft-spent-2-years-preparing-is-making-a-mess-for-some-linux-users/

The Windows Update distributed on August 14, 2024 included a patch for the vulnerability ' CVE-2022-2601 ', which could allow the Secure Boot mechanism to be bypassed.

Microsoft explained the patch as follows: 'To address this security issue, we are applying the Secure Boot Advanced Targeting (SBAT) update to block vulnerable Linux boot loaders that could affect Windows security. Please note that the SBAT update does not apply to and does not affect dual-boot systems that boot both Windows and Linux.'

However, some users have reported that after the update, they are no longer able to boot up their Linux distributions.

PLEASE HELP Error message: Verifying shim SBAT data failed: Security policy violation Something went seriously wrong: SBAT self-test failed: Security Policy Violation
by u/paku1234 in linuxquestions



According to foreign media Neowin, many dual-boot PC users who have installed Linux-based operating systems such as Debian, Ubuntu, Linux Mint, Zorin OS, and Puppy Linux are affected by this issue.

However, Microsoft has stated that they are not aware of any issues with this update, and it is up to users to deal with the problem. Overseas media ArsTechnica has explained how to deal with this issue for Ubuntu users. Here are the steps:

- Access the EFI panel and disable Secure Boot
・Log in to Ubuntu and launch the terminal
・Run the following command to delete the SBAT policy:
[code]sudo mokutil --set-sbat-policy delete[/code]


Reboot your PC and log back into Ubuntu to update the SBAT policy
After rebooting, re-enable Secure Boot from the BIOS screen.

Will Dorman, a senior analyst at security firm Analygence, said, 'While Secure Boot makes Windows booting safer, it also creates unintended flaws. Microsoft needs to address these vulnerabilities.'

Related Posts:

in Software, Posted by log1r_ut