Dual-Boot Linux Systems Affected by GRUB/SBAT Policy Changes Due to Windows Update

Users with dual-boot setups running both Linux and Windows may encounter boot issues following a recent Windows update. This problem affects many Linux distributions, causing systems to fail during the boot process. The issue has sparked numerous complaints online, with the widely-used bootloader GRUB2 being the primary component affected. The root of the problem lies in a Windows update released on August 13, aimed at addressing a security vulnerability identified as CVE-2022-2601.

This vulnerability involves a buffer overflow that could potentially allow attackers to bypass Secure Boot protections. To mitigate this risk, Microsoft has implemented Secure Boot Advanced Targeting (SBAT) in the update, which is designed to block bootloaders that might compromise Windows security. Users of Ventoy and Ubuntu 24.04 reported that they were shown the following error:

Verifying shim SBAT data failed: Security Policy Violation

Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation

Following this, the system may automatically shut down after a few seconds. However, this update was not intended for dual-boot systems, and it is unclear why it has impacted so many users running both Linux and Windows. Microsoft had suggested that only older Linux distributions would be affected, but reports indicate that newer distributions are also encountering the issue. As of now, Microsoft has not released a public statement or a subsequent update to address this issue.

Users have limited options to resolve the problem. One approach is to manually disable Secure Boot in the BIOS settings. Alternatively, users who wish to maintain Secure Boot can delete the SBAT policy via their Linux system, which may allow the system to boot successfully with Secure Boot enabled.
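To make the "SBAT self-check failed" message concrete, here is a simplified model of the comparison SBAT performs: each boot component declares a generation number, and the revocation policy lists the minimum generation it accepts. This is an added example, not code from the article, shim or Microsoft; the sample data is constructed and the function names are hypothetical.

```python
import csv
import io

# Constructed sample of the CSV a bootloader carries in its .sbat section:
# component, generation, vendor, package, version, URL.
SAMPLE_BINARY_SBAT = """\
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
grub,2,Free Software Foundation,grub,2.06,https://www.gnu.org/software/grub/
grub.example,1,Example Distro,grub2,2.06-1,https://distro.example/grub
"""

# Constructed sample of a revocation policy: component, minimum generation.
# On the "sbat" line the third field is a datestamp for the policy itself.
SAMPLE_POLICY = """\
sbat,1,2024010100
shim,2
grub,3
"""


def parse_components(text):
    """Return {component: generation} from SBAT CSV text."""
    levels = {}
    for row in csv.reader(io.StringIO(text)):
        if len(row) < 2 or not row[0].strip():
            continue  # blank or malformed line
        try:
            levels[row[0].strip()] = int(row[1])
        except ValueError:
            continue  # generation is not a number
    return levels


def sbat_violations(binary_sbat, policy):
    """List (component, found, required) where the binary is below policy."""
    have = parse_components(binary_sbat)
    need = parse_components(policy)
    # Only components named in both are compared; a lower generation fails.
    return [(name, have[name], minimum)
            for name, minimum in need.items()
            if name in have and have[name] < minimum]


def verdict(binary_sbat, policy):
    return "Security Policy Violation" if sbat_violations(binary_sbat, policy) else "OK"


if __name__ == "__main__":
    print(sbat_violations(SAMPLE_BINARY_SBAT, SAMPLE_POLICY))
```

In this model a bootloader whose `grub` generation is below the policy's minimum is rejected even if its distribution-specific entry is not listed in the policy at all, which is why an updated policy can stop a previously working bootloader.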

Source: itfoss
