Jump to content
Login new information ×
Login new information
  • Software News

    Microsoft confirms August Patch Tuesday updates break dual-boot in Windows 11 and 10

    Karlston

    By Karlston,
    Published Date:

    • 267 views
    • 2 minutes
     Share
    • 267 views
    • 2 minutes

    Earlier this week, news emerged about a Windows update breaking dual-boot systems with Windows and Linux installed side-by-side. Now, Microsoft has officially acknowledged the problem and promised to investigate and fix it.

     

    A notification posted in the official Windows documentation confirmed that installing the August 2024 Patch Tuesday updates results in the following error message when attempting to launch Linux on a dual-boot system:

     

    Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.

    The source of this problem is a Secure Boot Advanced Targeting (SBAT) setting for blocking old and vulnerable boot managers. It was not intended to land on dual-boot systems, but as it sometimes happens in the world of Microsoft, it somehow did. The company says that happened because of failed dual-boot detection:

     

    This SBAT update will not be applied to devices where dual booting is detected. On some devices, the dual-boot detection did not detect some customized methods of dual-booting and applied the SBAT value when it should not have been applied.

    As a temporary workaround, Microsoft suggests customers with dual-boot Windows-Linux systems not restart their Windows copies to apply the August 2024 Patch Tuesday update and use a certain registry key to block the update:

     

    Workaround: If you haven’t finalized the installation of the August 2024 update with a reboot yet, you can use the below opt-out registry key, so your device doesn’t install this update. You will be able to delete the registry key if you want to install future SBAT updates later on.

     

    reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\SBAT /v OptOut /d 1 /t REG_DWORD

    There is also a forum thread about SBAT revocation that can help you fix an already broken system.

     

    The problem affects all supported client and server editions of Windows 10 and 11, from Windows Server 2012 and Windows 10 2015 LTSB all the way up to Windows 11 version 23H2 and Windows Server 2022.

     

    Source

     

    Hope you enjoyed this news post.

    Thank you for appreciating my time and effort posting news every single day for many years.

    2023: Over 5,800 news posts | 2024 (till end of July): 3,313 news posts

     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...