Due to Microsoft's mistake, Linux users lost access to devices.
Last week, many Linux users faced a serious problem: their devices stopped booting after an update released by Microsoft as part of Patch Tuesday. Instead of the system starting normally, an error message was displayed.
The reason was a bug in an update that fixes a two-year-old vulnerability in GRUB, a boot loader used to run many Linux devices.
The CVE-2022-2601 vulnerability (CVSS score: 8.6) allowed attackers to bypass Secure Boot, a security standard that ensures that devices do not load malware or firmware during startup. The vulnerability was discovered back in 2022, but for unknown reasons, Microsoft has only now patched it.
The update affected dual-boot devices running both Windows and Linux. When trying to boot Linux, users encountered the message: "Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation".
Soon, the support and discussion forums were filled with messages about the problem. Users noted that, despite Microsoft's assurances, the update did affect dual-boot systems. According to users, the error is due to the incompatibility of some versions of the Linux bootloader with Microsoft's new EFI microcode. Among the victims were such popular distributions as Debian, Ubuntu, Linux Mint, Zorin OS, and Puppy Linux.
Microsoft has not yet publicly acknowledged the existence of the bug, explained why it was not identified during testing, or provided technical advice for affected users. In a bulletin for CVE-2022-2601, Microsoft assured that the update would install SBAT — a Linux mechanism for revoking various components in the boot path — but only on devices running exclusively on Windows. The update was not intended to affect dual-boot systems. However, in practice, this turned out not to be the case, which caused outrage among users.
Some users have found a temporary solution to the problem by disabling Secure Boot through the EFI panel. However, this method may not be acceptable for those who need Secure Boot protection. Another option is to remove the SBAT policy implemented by Microsoft.
Specific steps:
1. Disable Secure Boot;
2. Log in as an Ubuntu user and open the terminal;
3. Delete the SBAT policy using: sudo mokutil --set-sbat-policy delete
4. Restart your computer and log in to Ubuntu again to update the SBAT policy;
5. Restart your computer and then enable Secure Boot in the BIOS again.
Doing so will preserve some of the benefits of Secure Boot even if users remain vulnerable to attack.
Source
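Why shim stops with "SBAT self-check failed", as an added example that is not part of the original post: each boot component carries SBAT rows with a generation number, and the revocation list stored in firmware sets a minimum generation per component. The function name and all sample values below are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a binary's SBAT metadata with an SBAT revocation list.
# Metadata rows: component,generation,vendor,package,version,url
# Revocation rows: component,minimum_generation (first row also has a date)

# Constructed sample data (not taken from a real system or vendor update).
SHIM_SBAT='sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
shim,3,UEFI shim,shim,1,https://github.com/rhboot/shim
shim.example,1,Example Distro,shim,15.7,https://example.invalid/shim'
REVOCATIONS='sbat,1,2024010100
shim,4
grub,3'

# sbat_violations METADATA REVOCATIONS   (hypothetical helper name)
# Prints "component have=N need=M" for every component whose generation is
# below the revocation minimum; exit status 1 if any row is printed.
sbat_violations() {
    printf '%s\n' "$1" | SBAT_LEVEL="$2" awk -F, '
        BEGIN {
            # Load the minimum generation for each revoked component.
            n = split(ENVIRON["SBAT_LEVEL"], row, "\n")
            for (i = 1; i <= n; i++) {
                split(row[i], f, ",")
                if (f[1] != "") need[f[1]] = f[2] + 0
            }
        }
        # A component not named in the revocation list is never rejected.
        ($1 in need) && ($2 + 0 < need[$1]) {
            printf "%s have=%d need=%d\n", $1, $2, need[$1]
            bad = 1
        }
        END { exit bad + 0 }
    '
}

# On a real system the second argument would come from the firmware's SBAT
# level (recent mokutil versions can print it with --list-sbat-revocations)
# and the first from the .sbat section of the shim or GRUB binary.
if result=$(sbat_violations "$SHIM_SBAT" "$REVOCATIONS"); then
    echo "all components meet the revocation list"
else
    echo "would be rejected: $result"
fi
```

With the sample data the shim row is generation 3 while the list requires 4, which is the condition the error message reports; deleting the policy as in step 3 removes that minimum until it is set again.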