Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates

Dual-Boot Systems Issue with Linux Booting After Installing August 2024 Windows Security Update. The Windows security update released on August 13, 2024 (KB5041585) may cause problems for users with a dual-boot setup for Windows and Linux. Specifically, it can prevent Linux from booting correctly.

Microsoft has released the August 2024 patches, including Windows 11 updates KB5041585 and KB5041592 and the KB5041580 patch for Windows 10. A Windows security update is a patch or fix Microsoft releases to address vulnerabilities and issues in the Windows operating system.

The August 2024 Windows security update includes a Secure Boot Advanced Targeting (SBAT) feature to enhance security by blocking outdated and vulnerable boot managers.

In this post, you will find all the details about the issue with Linux booting. We will cover how the update can affect your dual-boot setup, the specific errors you might encounter, and possible solutions to address these problems.

Patch My PC

What is SBAT?

Issue-with-Linux-Booting-After-Installing-August-2024-Windows-Security-Update

SBAT is a Secure Boot Advanced Targeting. It is a security feature that helps protect Windows systems by blocking outdated and vulnerable Linux EFI (Shim bootloaders) from running.

Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates

This issue originates from OS Build 22621.4037, associated with update KB5041585, released on August 13, 2024. The status was confirmed and documented on August 21, 2024, at 18:33 PT, with the last update recorded simultaneously.

Adaptiva
Dual-Boot Systems Issue with Linux Booting after Installing August 2024 Windows Security Update- Fig.1 - Creds to MS
Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates – Fig.1

Secure Boot Advanced Targeting SBAT

The August 2024 security update introduces Secure Boot Advanced Targeting (SBAT) and affects Linux Extensible Firmware Interface (EFI). It applies SBAT to Windows systems to block outdated Linux EFI (Shim bootloaders) from running.

It should not affect systems that run both Windows and another operating system, like Linux. However, sometimes, the update mistakenly applies to these dual-boot systems. This can cause problems starting Linux and show errors related to Secure Boot.

The update should not apply to dual-boot systems with Windows and Linux, but older Linux ISO images might fail to boot if it does. In such cases, contact your Linux vendor for an updated ISO image.

Workaround

If you have not rebooted your device after installing the August 2024 update, you can use the opt-out registry key to prevent the update from being applied. This will stop the update from being installed, and you can delete the registry key later if you decide to install future SBAT updates.

Dual-Boot Systems Issue with Linux Booting after Installing August 2024 Windows Security Update - Fig.2
Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates – Fig.2

Registry Modification Instructions

This documentation includes instructions for modifying the registry. Before making any changes, ensure you back up the registry to prevent potential issues. The table summarizes the steps for backing up and restoring the registry manually.

reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\SBAT /v OptOut /d 1 /t REG_DWORD
Back Up the Registry ManuallyRestore a Manual Backup
1. Select Start, type regedit.exe in the search box, and press Enter. If prompted, provide an administrator password or confirmation.1. Select Start, type regedit.exe, and press Enter. If prompted, provide an administrator password or confirmation.
2. In Registry Editor, locate and click the registry key or subkey you want to back up.2. In Registry Editor, select File > Import.
3. Select File > Export.3. In the Import Registry File dialog box, locate the backup file you saved, select it, and click Open.
4. In the Export Registry File dialog box, choose the location to save the backup, type a name for the backup file, and select Save.
Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates – Table 1
Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates Fig.3
Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates – Fig.3

Affected Platforms

Let’s discuss the affected platforms related to the issue with Linux booting after installing the August 2024 Windows security update. The following table provides more detailed information about the specific Windows versions and server editions impacted by this issue.

VersionsServer
Windows 11, version 23H2
Windows 11, version 22H2
Windows 11, version 21H2
Windows 10, version 22H2
Windows 10, version 21H2
Windows 10 Enterprise 2015 LTSB
Windows Server 2022
Windows Server 2019
Windows Server 2016
Windows Server 2012 R2
Windows Server 2012
Dual-Boot Systems Issue with Linux Booting after Installing Windows Security Updates – Table 2

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.