In response to person stories following this month’s Patch Tuesday, the August 2024 Home windows updates are breaking twin boot on Linux methods with Safe Boot enabled.
This problem is attributable to Microsoft’s resolution to use a Safe Boot Superior Concentrating on (SBAT) replace to dam Linux boot loaders unpatched in opposition to the CVE-2022-2601 GRUB2 Safe Boot bypass vulnerability, which might “have an impact on Windows security.”
“The vulnerability assigned to this CVE is in the Linux GRUB2 boot loader, a boot loader designed to support Secure Boot on systems that are running Linux,” Microsoft says in an advisory printed final week to deal with this problem.
“It’s being documented within the Safety Replace Information to announce that the newest builds of Home windows are not susceptible to this safety function bypass utilizing the Linux GRUB2 boot loader.
“The SBAT value is not applied to dual-boot systems that boot both Windows and Linux and should not affect these systems. You might find that older Linux distribution ISOs will not boot. If this occurs, work with your Linux vendor to get an update.”
Nevertheless, whereas Redmond says that the SBAT replace that blocks susceptible UEFI shim bootloaders mustn’t impression dual-boot methods in any manner, many Linux customers say that their methods (working Ubuntu, Linux Mint, Zorin OS, Pet Linux, and different distros) not boot after putting in the August 2024 Home windows updates on the Home windows OS.
These affected see “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation” errors, and, for some, the gadgets will even instantly shut down.
Presently, there isn’t a definitive record of Linux distributions and variations affected by this identified problem and Linux customers who tried working across the problem say that deleting the SBAT coverage or wiping the Home windows set up and restoring Safe Boot to manufacturing facility settings won’t work.
The one obvious option to revive the machine is to disable Safe Boot, set up the newest model of their favourite Linux distro, and re-enable Safe Boot.
Microsoft has but to acknowledge that putting in this month’s Patch Tuesday replace might render dual-boot methods unable as well.
