With the latest monthly security update, Microsoft has wreaked havoc on dual boot Windows and Linux PCs. It was intended to fix a two-year-old vulnerability in the open-source GRUB bootloader without affecting dual-OS computers, but the update still began to prevent Linux systems from booting normally.
Image source: BoliviaInteligente / unsplash.com
Users who had Windows and Linux installed on the same machine began to complain that when they tried to boot the second system, messages began to appear about a “security policy violation,” or that “something seriously went wrong.” Errors have been recorded in the distributions of Ubuntu, Debian, Linux Mint, Zorin OS and Puppy Linux.
The update was designed to fix a vulnerability that allowed hackers to bypass Secure Boot, a protection against running malware before loading the OS, which is widely used in Windows and Linux distributions. Microsoft promised that the update will block vulnerable Linux bootloaders that could impact Windows security, but will not apply to dual-boot PCs, so it “should not impact those systems.”
There have been no comments from Microsoft about problems with the latest update, but Ubuntu users have already found a workaround that solves the problem. You need to disable Secure Boot in the BIOS, log into your Ubuntu user account and delete the Microsoft SBAT (Secure Boot Advanced Targeting) policy through the terminal. Microsoft has been using Secure Boot for many years, and support for this protocol is necessary for Windows 11 to work to protect against BIOS rootkits. True, in recent years many vulnerabilities have been discovered in Secure Boot, and recently it turned out that the protocol was compromised on a large number of PCs.