15-05-2025
Microsoft Fixes Windows 11 Update That Broke Dual-Boot Linux Systems
A Windows security update released in August 2024, known as KB5041585, caused issues for users running dual-boot systems with Windows 11 and various Linux products like Ubuntu, Debian, and Linux Mint, as reported by Neowin.
The update was meant to add new Secure Boot Advanced Targeting (SBAT) protections to block outdated and probable vulnerable bootloaders by checking the Secure Boot DBX, a database of blacklisted UEFI executables. However, Microsoft says the update did not always correctly detect customized dual-boot setups. As a result, some users saw their Linux systems fail to start, receiving a 'Verifying shim SBAT data failed: Security Policy Violation' error.
Microsoft responded a few days later with a workaround that required users to change system policies and edit the Windows Registry. The company explained that the SBAT update should not have been applied to devices with dual-boot configurations, but the detection process missed some customized setups and incorrectly enforced the new security settings.
Earlier this week, Microsoft released a fix as part of the May 2025 Patch Tuesday update, KB5058405. The update corrects the SBAT detection logic, restoring Linux boot functionality for affected users.
