Earlier this week, news emerged about a Windows update breaking dual-boot systems with Windows and Linux installed side-by-side. Now, Microsoft has officially acknowledged the problem and promised to investigate and fix it.
A notification posted in the official Windows documentation confirmed that installing the August 2024 Patch Tuesday updates results in the following error message when attempting to launch Linux on a dual-boot system:
Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.
The source of this problem is a Secure Boot Advanced Targeting (SBAT) setting for blocking old and vulnerable boot managers. It was not intended to land on dual-boot systems, but as it sometimes happens in the world of Microsoft, it somehow did. The company says that happened because of failed dual-boot detection:
This SBAT update will not be applied to devices where dual booting is detected. On some devices, the dual-boot detection did not detect some customized methods of dual-booting and applied the SBAT value when it should not have been applied.
As a temporary workaround, Microsoft suggests customers with dual-boot Windows-Linux systems not restart their Windows copies to apply the August 2024 Patch Tuesday update and use a certain registry key to block the update:
Workaround: If you haven’t finalized the installation of the August 2024 update with a reboot yet, you can use the below opt-out registry key, so your device doesn’t install this update. You will be able to delete the registry key if you want to install future SBAT updates later on.
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\SBAT /v OptOut /d 1 /t REG_DWORD
There is also a forum thread about SBAT revocation that can help you fix an already broken system.
The problem affects all supported client and server editions of Windows 10 and 11, from Windows Server 2012 and Windows 10 2015 LTSB all the way up to Windows 11 version 23H2 and Windows Server 2022.
1 Comment - Add comment