in

Dual-Boot Windows-Linux: Microsoft Shares a Fix to Get Your PC Up and Running

Dual-Boot

Dual-Boot
Dual-Boot

A Temporary Workaround for a Widespread Issue

Recently, the Windows security update KB5041585 caused significant disruption for many users with dual-boot configurations, preventing Linux from booting properly. Microsoft acknowledged the problem and announced that they were working on a fix but did not provide a specific deployment date. A week after the issue arose, Microsoft has now shared a workaround to help users temporarily resolve the conflict related to Secure Boot, which has been preventing certain Linux distributions from starting on multi-boot systems.

Step-by-Step Guide to the Temporary Solution

While awaiting an official patch, Microsoft has released a series of steps that can be used to address the issue in the meantime. The process is somewhat technical and requires users to navigate through system settings and make changes that may be daunting for those unfamiliar with such tasks. However, for those comfortable with these procedures, following these steps should help restore a functional dual-boot setup.

  1. Disable Secure Boot:
    The first step is to disable Secure Boot. To do this, you need to boot into your PC’s firmware settings and turn off Secure Boot. The exact process for this step varies depending on the manufacturer of your PC.
  2. Remove the SBAT Update:
    Next, you’ll need to remove the SBAT update. Boot into Linux, open the terminal, and run the command sudo mokutil --set-sbat-policy delete. Enter your password when prompted, then restart your system into Linux.
  3. Verify the SBAT Revocation Removal:
    After removing the SBAT update, you’ll want to verify that it was successfully removed. Open the terminal again and execute mokutil --list-sbat-revocations. The list that appears should show no revocations.
  4. Re-enable Secure Boot:
    Once you’ve completed the above steps, don’t forget to re-enable Secure Boot in your firmware settings.
  5. Prevent Future SBAT Updates:
    As a precaution, you can also prevent future SBAT updates. Boot into Windows, open Command Prompt as an administrator, and run the command reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\SBAT /v OptOut /d 1 /t REG_DWORD.

It’s important to note that the final step is also recommended as a preventive measure for users with dual-boot Windows-Linux configurations who have not yet installed the August update on Windows 10 (versions 21H2, 22H2, Enterprise 2015 LTSB) and Windows 11 (versions 21H2, 22H2, 23H2).

A Bug That Shouldn’t Have Happened

To recap, the Windows security update KB5041585 released in August significantly disrupted many dual-boot Windows-Linux setups. The issue arose from the application of the SBAT parameter to devices running Microsoft’s OS, which blocked vulnerable bootloaders. In the case of dual-boot configurations, this patch blocked non-secure versions of GRUB used by many GNU/Linux distributions, both old and new, as evidenced by the inability to boot Ubuntu 24.04 and Debian 12.6.0.

After receiving numerous reports from the community, Dual-Boot Microsoft initially stated that the problematic update should not have been applied to multi-boot systems, acknowledging that some configurations may have escaped detection and received the update erroneously. Following widespread outcry, the company decided to address the issue more directly, stating that they were working on an official fix, although no deployment date has yet been disclosed.

Source : Microsoft

Written by Atti Abderrahim

Leave a Reply

Your email address will not be published. Required fields are marked *

Dune Awakening

Dune Awakening – A Sci-Fi Video Game That Could Be the Sensation of 2025, But…! My Impressions

iPhone 16

Surprise! Apple to Unveil the New iPhone 16 on Monday, September 9th