Last week was the monthly Patch Tuesday event for Microsoft's supported Windows operating systems. However, a patch that was meant to fix a vulnerability ended up causing problems with a number of dual-boot PCs with Windows and various versions of Linux.
Ars Technica reports that the update in question was to fix the vulnerability known as CVE-2022-2601. It was first discovered in 2022, and would allow hackers to access GRUB, an open source boot loader, so they could get around the Secure Boot feature. Microsoft finally released a patch for this issue last week as part of Patch Tuesday.
The patch was not meant to be installed on dual-boot PCs with Windows and forms of Linux. However, for reasons unknown at the moment, the patch was indeed sent out to owners of those PCs. As a result, they could not boot into Linux with Secure Boot enabled.
Instead, those PCs showed an error message that said, "Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”
According to the story, dual-boot PC users who have installed Linux-based operating systems like Debian, Ubuntu, Linux Mint, Zorin OS, Puppy Linux have all been affected by this issue.
As of this writing, Microsoft has not posted any info on how this Patch Tuesday update was released to these dual-boot PCs. The company has also not offered any assistance to owners of these PCs to fix this issue.
In the meantime, it appears the best way to get around this problem for those dual-boot PCs is to delete the SBAT file that Microsoft included with this patch. The Ubuntu site has posted up a procedure to delete this file, although they will still be open to the vulnerability that this patch was meant to fix in the first place.
17 Comments - Add comment