Microsoft’s Latest Update Bricks Linux Dual-Boot Systems: How to Fix the Issue

Why Trust Techopedia
Key Takeaways

  • Microsoft’s security update for fixing a vulnerability in secure boot has bricked Windows-Linux dual-boot systems.
  • Multiple users reported being unable to log into either OS on their machines.
  • The issue affects all major Linux distros, despite Microsoft claiming it only breaches functionality in older versions.

Windows and Linux users with dual-boot configurations report boot failures after Microsoft’s recent update. Here’s how to resolve the issue.

An update Microsoft sent out earlier this month bricked machines with Windows and Linux installed in a dual-boot configuration, preventing users from logging into either operating system. 

The security update was released as part of Microsoft’s monthly patch in response to a high-risk vulnerability published in the Common Vulnerabilities and Exposures (CVE), a public database for leading organizations in the IT industry to track and patch security issues. 

The update was directed at fixing a vulnerability, listed as CVE-2022-2601 in the CVE records, in GRUB2, a popular bootloader or tool that allows you to choose which operating system to start when booting your machine. The vulnerability was first identified in August 2022. It would allow hackers to bypass secure boot, a mechanism that prevents malicious code from being injected into the system before an operating system boots up. 

In the security update, Microsoft noted, “Windows will apply a Secure Boot Advanced Targeting (SBAT) update to block vulnerable Linux bootloaders that could impact Windows security.”

Microsoft explicitly noted that the update excludes systems running both Windows and Linux in dual-boot configurations. Despite the notice, several users on online forums reported being unable to log into their machines. Instead, they were greeted with an error message: “Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”

Microsoft’s latest security update has ruined dual-boot Windows and Linux PCs – The Verge
byu/HotGarbage1813 inWindows11

How to Fix SBAT Self-Check Failed Error?

Although Microsoft warned the patch may affect older versions of Linux distributions that boot with ISO files (or CD/DVD), Ars Technica reported the issue appears to have affected even recent builds of the most popular distros, including Ubuntu, Debian, Puppy Linux, and more. Microsoft hasn’t responded to the reports yet or put out any fixes to help folks reclaim their data. Despite the company’s denial, it also appears to block all instances of Linux booting from the internal storage and removable media such as USB drives. 

With Microsoft mum on the issue, the only plausible solution at present is to turn off secure boot from your computer’s BIOS, boot into Linux, and run a specific command via Terminal to roll back Microsoft’s latest update, as instructed by Juliank in the Ubuntu forums. Though it does leave Linux users vulnerable to specific vulnerabilities in secure boot, the mechanism will continue to work as intended and protect against a broader range of attacks.