Dual-boot systems fail after Microsoft update
Microsoft's update to fix a GRUB vulnerability caused boot failures in dual-boot systems, affecting Linux distributions. Users reported issues, and Microsoft has not acknowledged or provided support for the problem.
Read original article
A recent Microsoft update intended to address a significant vulnerability in the GRUB bootloader has inadvertently caused issues for many dual-boot systems running both Windows and Linux. Users began reporting boot failures with the error message, “Something has gone seriously wrong,” after the update was applied. The vulnerability, rated 8.6 out of 10 in severity, allowed potential bypassing of Secure Boot, a security feature designed to prevent malicious software from loading during startup. Despite Microsoft's assurances that the update would not affect dual-boot systems, it has rendered many devices unable to boot into Linux when Secure Boot is enabled. Affected distributions include popular ones like Ubuntu, Debian, and Linux Mint. Microsoft has not publicly acknowledged the issue or provided guidance for affected users, leaving them to seek solutions independently. One workaround involves disabling Secure Boot or deleting the SBAT policy introduced by the update. This incident highlights ongoing concerns regarding the reliability of Secure Boot and the complexities involved in managing security across different operating systems.
- Microsoft’s update intended to fix a GRUB vulnerability caused boot failures in dual-boot systems.
- Users received error messages indicating a serious issue after the update was applied.
- The update affected multiple Linux distributions, despite Microsoft’s claims it would not.
- Microsoft has not acknowledged the problem or provided support for affected users.
- Workarounds include disabling Secure Boot or deleting the SBAT policy.
Related
Microsoft says 8.5M systems hit by CrowdStrike BSOD, releases USB recovery tool
Microsoft addressed issues caused by a faulty CrowdStrike security update affecting 8.5 million Windows systems. A USB recovery tool was released to delete the problematic file, emphasizing the need for thorough update testing.
Secure Boot is completely broken on 200 models from 5 big device makers
Researchers from Binarly found that Secure Boot is compromised on over 200 device models due to a leaked cryptographic key, posing significant security risks until manufacturers issue firmware updates.
Compromising the Secure Boot Process
Researchers from Binarly revealed a security vulnerability in the Secure Boot process affecting over 200 device models due to a leaked cryptographic key, raising concerns about potential cyberattacks and security practices.
Microsoft says CrowdStrike outage affected many more devices than reported
Microsoft disclosed that the CrowdStrike outage affected significantly more than 8.5 million Windows devices, leading to system failures. They are reassessing kernel driver necessity and improving update practices to prevent future incidents.
Tell HN: Microsoft SecureBoot "Breaking" Changes, Today's Milestone
Microsoft's Patch Tuesday updates KB5041585 and KB5041580 for Windows 10 and 11 fix boot issues with older Linux ISO images and automatically blacklist compromised SecureBoot keys, excluding dual-boot systems.
5 commentssudo mokutil --set-sbat-policy delete
Related
Microsoft says 8.5M systems hit by CrowdStrike BSOD, releases USB recovery tool
Microsoft addressed issues caused by a faulty CrowdStrike security update affecting 8.5 million Windows systems. A USB recovery tool was released to delete the problematic file, emphasizing the need for thorough update testing.
Secure Boot is completely broken on 200 models from 5 big device makers
Researchers from Binarly found that Secure Boot is compromised on over 200 device models due to a leaked cryptographic key, posing significant security risks until manufacturers issue firmware updates.
Compromising the Secure Boot Process
Researchers from Binarly revealed a security vulnerability in the Secure Boot process affecting over 200 device models due to a leaked cryptographic key, raising concerns about potential cyberattacks and security practices.
Microsoft says CrowdStrike outage affected many more devices than reported
Microsoft disclosed that the CrowdStrike outage affected significantly more than 8.5 million Windows devices, leading to system failures. They are reassessing kernel driver necessity and improving update practices to prevent future incidents.
Tell HN: Microsoft SecureBoot "Breaking" Changes, Today's Milestone
Microsoft's Patch Tuesday updates KB5041585 and KB5041580 for Windows 10 and 11 fix boot issues with older Linux ISO images and automatically blacklist compromised SecureBoot keys, excluding dual-boot systems.