Windows update breaks Linux dual-boot setups with ominous message

Many PC users with Windows-and-Linux dual-boot setups woke up to a scary message this week: “Something has gone seriously wrong.”

Apparently, the latest patch to Windows 10 and Windows 11 seems to damage secondary Linux installations when the Secure Boot feature is enabled. Affected users are able to get Windows up and running, but their Linux installations are left inoperable.

According to a report from Ars Technica, a large number of Linux users across popular distros are impacted. Initial investigations point the finger at a fix for CVE-2022-2601, a 2022 vulnerability that could allow hackers to access systems even when Secure Boot is enabled. The patch seems to have worked on standard Windows installations without issue.

Microsoft’s documentation for the patch said that dual-boot setups with recent versions of Linux that are up-to-date shouldn’t be affected. Quoting the FAQ from the relevant page:

“The SBAT value is not applied to dual-boot systems that boot both Windows and Linux and should not affect these systems. You might find that older Linux distribution ISOs will not boot. If this occurs, work with your Linux vendor to get an update.”

But on user forums and social networks across the web, Linux fans are saying that just isn’t true. The SBAT fix was applied to dual-boot systems, borking the non-Windows half of these setups.

Microsoft hasn’t made a public statement on the issue, which might not be surprising since it’s only affecting products outside of the company’s remit. But that’s less than comforting to affected users, most of whom are quite technical and might even be relying on their dual-booted Linux systems for important work.

Some users have found and shared temporary solutions to access Linux in their own dual-boot setups, with steps that mostly involve disabling Secure Boot and deleting the SBAT policy.

Further reading: Dual-booting Linux and Windows, explained