Microsoft has successfully resolved a critical error after nine months, which had caused systems with a configured dualboot on Windows and Linux to fail to start after installing security updates. The issue first surfaced in August 2024, impacting numerous users, particularly those utilizing custom booting schemes.
The problem stemmed from an update to Secure Boot Advanced Targeting (SBAT) designed to block UEFI Shim boots vulnerable to a security flaw known as CVE-2022-2601. Despite Microsoft’s initial assurance that the update would not affect devices with active dual booting, its detection mechanism proved to be flawed. Consequently, systems running Ubuntu, Linux Mint, Zorin OS, and Puppy Linux ceased to load, displaying an error message “SBAT Self-Check FaileD: Security Policy Violation”.
User complaints started pouring in right after the August updates were released by Microsoft, but the company only offered a temporary solution towards the end of the month. It recommended manually removing and prohibiting the reinstallation of SBAT update. Subsequently, on September 19, 2024, Microsoft disabled the automatic use of SBAT in firmware, adding an option to deactivate it through the registry.
However, the full resolution of the issue came on May 13, 2025, as part of the monthly Patch Tuesday release. The latest update reportedly fixes the problem on all affected systems. Microsoft advises prompt installation of the update, as it contains crucial enhancements and fixes.
It is noteworthy that the vulnerability
This incident underscores the importance of robust dual boot detection and the necessity for a more transparent update testing policy affecting boot processes. This is especially crucial as a large number of users run Windows and Linux concurrently on a single device, both in personal and corporate settings.