Support us on Patreon to keep GamingOnLinux alive. This ensures all of our main content remains free for everyone. Just good, fresh content! Alternatively, you can donate through PayPal. You can also buy games using our partner links for GOG and Humble Store.
We use affiliate links to earn us some pennies. Learn more.

Microsoft finally solve the Linux dual-boot issue after 9 months

By -

Back in August 2024, Microsoft released an update for various versions of Windows including Windows 10 and 11 that broke dual-booting with Linux on some setups. They've now finally solved it. Only took them 9 months.

The issue came from a Windows security update, something that was not supposed to affect systems where it detected a dual-boot but Microsoft failed on that causing problems for many to be unable to boot into their Linux installs.

From Microsoft:

After installing the August 2024 Windows security update, (KB5041160) or the August 2024 preview update, you might face issues with booting Linux if you have enabled the dual-boot setup for Windows and Linux in your device. Resulting from this issue, your device might fail to boot Linux and show the error message “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”

The August 2024 Windows security and preview updates apply a Secure Boot Advanced Targeting (SBAT) setting to devices that run Windows to block old, vulnerable boot managers. This SBAT update will not be applied to devices where dual booting is detected. On some devices, the dual-boot detection did not detect some customized methods of dual-booting and applied the SBAT value when it should not have been applied.

Microsoft did tweak this so that from September 19, 2024 and later updates did not do this automatically, but the damage was already done.

As of the May 13, 2025 update for Windows, this has now been solved. As the changelog notes:

  • [Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI)] This update applies improvements to SBAT for the detection of Linux systems.
Article taken from GamingOnLinux.com.
Tags: Security, Microsoft, Misc
10 Likes
About the author -
author picture
I am the owner of GamingOnLinux. After discovering Linux back in the days of Mandrake in 2003, I constantly checked on the progress of Linux until Ubuntu appeared on the scene and it helped me to really love it. You can reach me easily by emailing GamingOnLinux directly. You can also follow my personal adventures on Bluesky.
See more from me
Some you may have missed, popular articles from the last month:
All posts need to follow our rules. For users logged in: please hit the Report Flag icon on any post that breaks the rules or contains illegal / harmful content. Guest readers can email us for any issues.
7 comments Subscribe

tfk 8 hours ago
There was another obvious fix available from the beginning. Not running Windows.
Minux 8 hours ago
"Hey boss! Looks like some workers managed to get past our anti Linux patch."

"It's time for some layoffs."

benstor214 4 hours ago
  • Supporter
There was another obvious fix available from the beginning. Not running Windows.

Windows turned out to be a very effective virus on Linux systems...
elmapul 4 hours ago
that is why i dont use windows anymore
Hooly 4 hours ago
  • Supporter
To be fair here, while Microsoft dragged their feet for 9 months to improve their dual-boot detection, Linux distros dragged their feet to update the vulnerable (that is why it was blocklisted via dbx) bootloader for over 12 months.

Microsoft had already given them a 6 month grace period when the vulnerability was made public before blocking the vulnerable bootloader version.

Blocking that bootloader version after the grace period despite not being updated in any distro yet was the responsible thing to do, and Linux distros were absolutely lazy to not give this issue the appropriate urgency.


Last edited by Hooly on 19 May 2025 at 3:27 pm UTC
Kimyrielle 3 hours ago
There was another obvious fix available from the beginning. Not running Windows.

At least not handing Microsoft control over your computer by enabling Secure Boot. But I really wonder for how much longer they will even allow it to be disabled.
F.Ultra 50 minutes ago
  • Supporter
To be fair here, while Microsoft dragged their feet for 9 months to improve their dual-boot detection, Linux distros dragged their feet to update the vulnerable (that is why it was blocklisted via dbx) bootloader for over 12 months.

Not true, the vulnerable bootloader was fixed ages ago, the thing was though that the blacklisted key was not in the bootloader package but in the shim and since only the bootloader was changed the shim was left untouched so when MS decided to block the old bootloader they instead blocked the shim (that was not vulnerable).
While you're here, please consider supporting GamingOnLinux on:

Reward Tiers: Patreon. Plain Donations: PayPal.

This ensures all of our main content remains totally free for everyone! Patreon supporters can also remove all adverts and sponsors! Supporting us helps bring good, fresh content. Without your continued support, we simply could not continue!

You can find even more ways to support us on this dedicated page any time. If you already are, thank you!
Login / Register

Register Forgot Login?
★ Support Us
Popular this week
Search or view by category
Contact
Latest Guides
Graphics DriversHow to install, update and see what graphics driver you have on Linux and SteamOS
By Liam Dawe,
SteamOSHow to set, change and reset your SteamOS / Steam Deck desktop sudo password
By Liam Dawe,
> View more Tips & Guides
Latest Comments
Buy Games
Buy games with our affiliate / partner links:
Misc