August 22, 2024 at 12:35PM
Microsoft has acknowledged that the August 2024 Windows security updates are causing issues for dual-boot systems with Secure Boot enabled, particularly affecting Linux booting. The problem stems from a Secure Boot Advanced Targeting update, blocking unpatched Linux boot loaders against a specific vulnerability. Microsoft is working on a fix and suggests a workaround for impacted users.
After reviewing the meeting notes, here are the key takeaways:
– Microsoft’s August 2024 Windows security updates are causing Linux booting issues on dual-boot systems with enabled Secure Boot, due to the SBAT update blocking vulnerable UEFI shim bootloaders unpatched against the CVE-2022-2601 GRUB2 Secure Boot bypass vulnerability.
– Impacted Linux distributions include Ubuntu, Linux Mint, Zorin OS, Puppy Linux, and others.
– Workarounds such as deleting the SBAT policy or restoring Secure Boot to factory settings may not work for all affected devices. The only verified way to revive impacted systems is to disable Secure Boot, install the latest Linux distro, and re-enable Secure Boot.
– Microsoft offers a workaround for halting the installation of the buggy updates using an opt-out registry key.
– Microsoft is actively investigating the issue with its Linux partners and will provide updates as more details become available.
If you have any specific actions you’d like to take based on this information, please let me know how I can assist you further.