Microsoft’s August Security Updates May Prevent Linux to Boot on Dual-Boot Devices

Microsoft has acknowledged an issue in its August Patch 2024 Tuesday updates for Windows 11 and Windows 10 that’s impacting Linux boot on dual-boot systems. On the Windows Health dashboard, Microsoft has confirmed that the Linux boot issues are affecting all versions of Windows from Windows 10 version 22H2 to the latest version of Windows 11, as well as Windows Server 2012 and newer.

After installing the latest Windows security updates released on August 2024, Windows users on dual-boot setup devices may encounter the error message “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation” when trying to boot Linux. Microsoft explained that the issue results from a new Secure Boot Advanced Targeting (SBAT) value being applied by mistake on dual-boot devices.

“The August 2024 Windows security update applies a Secure Boot Advanced Targeting (SBAT) setting to devices that run Windows to block old, vulnerable boot managers. This SBAT update will not be applied to devices where dual booting is detected. On some devices, the dual-boot detection did not detect some customized methods of dual-booting and applied the SBAT value when it should not have been applied,” the company explained in the Windows Health dashboard.

Microsoft said that it’s working to fix the issue with its Linux partners and will provide an update when more information is available. In the meantime, Windows users with a dual-boot setup may want to avoid installing the update. Microsoft also provided an opt-out registry key for users who haven’t finalized the installation of this month’s Patch Tuesday update with a reboot yet.