Microsoft has fastened a recognized concern stopping Linux from booting on dual-boot methods with Safe Boot enabled after putting in the August 2024 Home windows safety updates.
The record of affected methods contains these working consumer (Home windows 10 and Home windows 11) and server (Home windows Server 2012 and later) OS variations.
This concern is triggered by a Safe Boot Superior Concentrating on (SBAT) replace that blocks UEFI shim bootloaders weak to exploits concentrating on the CVE-2022-2601 GRUB2 Safe Boot bypass.
Whereas Microsoft stated within the CVE-2022-2601 advisory that this SBAT replace would not be delivered to gadgets the place twin booting is detected, it additionally acknowledged that the dual-boot detection didn’t detect some custom-made strategies of dual-booting and utilized the replace anyway.
As revealed by many Linux customers (working a variety of distros, together with however not restricted to Ubuntu, Zorin OS, Linux Mint, and Pet Linux), their methods stopped booting after putting in the August 2024 Home windows updates, and the SBAT replace was incorrectly utilized.
Microsoft confirmed the recognized concern following widespread stories, saying that affected customers noticed “One thing has gone critically improper: SBAT self-check failed: Safety Coverage Violation” errors on methods rendered unbootable.
Fastened after 9 months
This week, 9 months after confirming the difficulty, Microsoft introduced that the Might 2025 Patch Tuesday safety updates ought to repair the boot issues for all affected customers.
“This concern was resolved by Home windows updates launched Might 13, 2025 [..], and later,” Redmond famous in a Home windows launch well being replace. “We suggest you put in the newest replace in your system because it comprises necessary enhancements and concern resolutions, together with this one.”
The repair comes after the corporate shared a short lived workaround in late August, weeks after the primary consumer stories surfaced, to assist revive impacted dual-boot methods, requiring them to delete the SBAT replace and making certain that future SBAT updates would now not be put in.
On September 19, it additionally stopped making use of the problematic SBAT replace to the firmware robotically, advising those that need to stop future SBAT updates in Home windows to run the next command:
reg add HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecureBootSBAT /v OptOut /d 1 /t REG_DWORD“This recognized concern solely happens with the set up of the August 2024 safety and preview updates. The September 2024 safety replace and later updates don’t comprise the settings that brought about this concern,” Microsoft added.
Based mostly on an evaluation of 14M malicious actions, uncover the highest 10 MITRE ATT&CK methods behind 93% of assaults and learn how to defend in opposition to them.
