Microsoft's latest security update, released in August 2024, has caused significant issues for users who dual-boot Windows and Linux. The update, intended to enhance system security, inadvertently created a problem for those relying on both operating systems.

The Issue

The problem stems from a new Secure Boot Advanced Targeting (SBAT) setting applied by the update. This setting was designed to block old, vulnerable boot managers to enhance security. However, it mistakenly affected dual-boot systems, causing Linux boot failures.

Impact

Users with dual-boot setups have reported encountering error messages such as "Verifying shim SBAT data failed: Security Policy Violation" when trying to boot into Linux. This issue affects all versions of Windows from Windows 10 version 22H2 to the latest version of Windows 11, as well as Windows Server 2012 and newer.

Microsoft's Response

Microsoft has acknowledged the issue and is working with its Linux partners to resolve it. They have provided an opt-out registry key for users who haven't finalized the installation of the update with a reboot yet⁴. In the meantime, users with dual-boot setups are advised to avoid installing the update until a fix is available.

What You Can Do

If you are affected by this issue, here are some steps you can take:

1. Avoid Installing the Update: If you haven't installed the update yet, it's best to hold off until Microsoft releases a fix.

2. Use the Opt-Out Registry Key: If you've downloaded the update but haven't rebooted, you can use the opt-out registry key provided by Microsoft to prevent the update from being applied.

3. Stay Informed: Keep an eye on updates from Microsoft and your Linux distribution for any patches or workarounds.