Microsoft Update Leads to Linux Malfunction

Microsoft's update made Linux suffer.

A large number of Linux users said that after installing Microsoft's update, their Linux systems couldn't boot up.

Linux users affected by Microsoft's update all installed Windows + Linux dual systems.

The sudden inability to boot up made many users extremely anxious and hurriedly posted to find solutions. As a result, similar feedbacks emerged overwhelmingly on Reddit and multiple Linux communities.

After such an incident, some netizens lamented that Microsoft couldn't do meticulous testing for Linux, and it was more secure to implement a dual system through a virtual machine.

Some netizens also thought this was not an accident.

After all, Microsoft had tried to prevent Windows 10 users from booting other operating systems through secure boot before.

As an alternative, Microsoft also launched WSL to run the Linux subsystem in Windows to meet the needs of users for a dual system.

Microsoft fixes a vulnerability, Linux gets hit

Those affected in this incident were Windows + Linux dual system users.

After installing the update, these users would get an error when booting Linux, indicating a serious error.

VerifyingshimSBATdatafailed:SecurityPolicyViolation.

shimSBAT data verification failed: violation of security policy

Somethinghasgoneseriouslywrong:SBATself-checkfailed:SecurityPolicyViolation.

Multiple distribution versions such as Debian and Ubuntu, both new and old, suffered, and even booting from USB drives and CDs had similar situations.

The direct reason behind this was a patch newly released by Microsoft.

The patch fixes a vulnerability exposed two years ago, with the code CVE-2022-2601, and the CVSS severity score is 8.6 (out of 10).

This vulnerability is related to GRUB, which is an open-source boot loader used by many Linux devices.

Using this vulnerability, hackers can bypass the secure boot mechanism, which is an industry standard to ensure that no mali cious firmware or software is loaded during the operating system boot process.

Microsoft explained in the announcement about CVE-20220-2601 that the update for this vulnerability will install SBAT (a Linux mechanism used to shield various components in the boot path).

In this way, the probability of the GRUB package attacking Windows devices through the secure boot exploited by this vulnerability will be reduced.

At the same time, Microsoft also assured that devices with Linux installed would not be affected by this update.

But contrary to expectations, not only did Linux have a malfunction, but other programs were also damaged by SBAT (TapTechNews note pronunciation: qiānghài).

Some netizens said that their software with network boot function would also not be able to run after installing the update since it also used GRUB.

To solve it, it is necessary to disable the secure boot of all devices in the system or delete the SBAT file.

Some users were puzzled by Microsoft's operation and questioned why Microsoft wanted to fix a module that didn't belong to Windows and they knew nothing about.

Microsoft's reply is contradicted by reality

For this wave of malfunctions, Microsoft's response is like this:

When the Linux boot option is detected, this update will not be applied.

We know that some auxiliary boot schemes will bring problems to some customers, including using the outdated Linux loader.

We are collaborating with Linux partners to investigate the cause of the problem and the solution.

In fact, it is basically not much different from the announcement content when CVE-20220-2601 was released:

The SBAT value is not applicable to dual-boot systems with both Windows and Linux installed, and in theory, it will not affect these systems either.

Older Linux distributions may not be able to boot. If this happens, please cooperate with your Linux vendor to obtain an update.

But Microsoft's statement is somewhat self-contradictory - if it's not a dual system, using Linux alone naturally won't have such a malfunction.

There are also people who ask a soul question - if only using Windows, who would install GRUB?

The dramatic thing is that the actual situation is not like what Microsoft said that only old versions of Linux are affected. Some of the malfunctioning systems are exactly new versions (such as Ubuntu 24.04, Debian 12.6.0).

However, some netizens also made a witty comment that Microsoft actually didn't lie, because after installing the patch, Linux couldn't boot up, so it wasn't a dual system anymore.

In addition, some enthusiastic netizens proposed an emergency remedial measure -

First enter the BIOS to turn off the secure boot, the purpose is to enter the Linux system first.

Then use the command line to delete the faulty SBAT policy, and then restart to make the setting take effect.

Finally, enter the BIOS again to turn on the secure boot, and the problem is temporarily solved.

Reference link:

This article comes from WeChat public account: Quantum Bits (ID: QbitAI), author: Keleixi, original title Microsoft causes trouble and Linux gets hit: After the update, Linux can't be opened anymore.