Posted on 05/18/2025 8:31:57 PM PDT by ransomnote
Long story short – the problem began after Microsoft’s August 2024 Patch updates, which included a mitigation for a known GRUB2 vulnerability (CVE-2022-2601). The flaw allowed malicious actors to bypass UEFI Secure Boot protections using a compromised GRUB2 bootloader.
To address this, Microsoft deployed a Secure Boot Advanced Targeting (SBAT) update (KB5041571) to block vulnerable bootloaders. Unfortunately, this had unintended consequences.
While it was supposed to detect and exempt dual-boot configurations from being affected, this detection failed in several scenarios. As a result, many dual-boot users with Windows and Linux on the same machine suddenly found themselves unable to get into their Linux system. Affected systems displayed error messages like:
Verifying shim SBAT data failed: Security Policy Violation SBAT self-check failed: Security Policy ViolationCode language: PHP (php)In other words, the bootloader was being rejected due to the SBAT policy, even though the system was expected to support both operating systems.
Fortunately, nine months later, after many user reports, frustration, and workarounds circulating across forums and GitHub issues, Microsoft finally acknowledged the problem and rolled out a fix during the just-released May 2025 Patch Tuesday updates (KB5058385).
(Excerpt) Read more at linuxiac.com ...
I started working on the mini-computer a bit ago, and I am pretty happy with how it is working for now even though the dual boot is not completely automated. I am sure that I can get the dual boot working normally, but it is just not worth the effort this evening.
All I have to do is hit F9 when I start the computer up and then select Ubuntu as the device that I want to start it with. It takes only a couple of extra seconds compared to doing nothing and letting Windows 11 start up. Windows is not aware that Ubuntu is even present so it is not likely that another Microsoft update will screw things up.
I am also happy with the version of Ubuntu Studio that I put onto the computer. Adding server features is easy compared to all the extra features that Studio comes with, and booting time is still quick anyway. So, it is going to take me a little effort to get everything configured the way that I like it and iron out the wrinkles, but overall, I am very pleased.
I am actually keying this in using Edge in Ubuntu because I have all of my shortcuts and passwords for websites syncing between all of my computers. It is lazy I know, and some here consider it a sacrilege to use Edge in a Linux system. But they have the same clothes to get glad in.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.