Do you dual-boot Windows and Linux? Well, a recent Windows update seems to have been a bit messy and may have broken the ability to boot into Linux. Causing an alarming message to display of "Something has gone seriously wrong".
The update in question is in relation to CVE-2022-2601, and as the numbers there suggests, it's an issue from way back in 2022 that Microsoft decided just last week to go and patch up themselves. From the CVE:
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
It wasn't supposed to affect you if you do have Linux installed, as per Microsoft's own info they said:
To address this security issue, Windows will apply a Secure Boot Advanced Targeting (SBAT) update to block vulnerable Linux boot loaders that could have an impact on Windows security. The SBAT value is not applied to dual-boot systems that boot both Windows and Linux and should not affect these systems. You might find that older Linux distribution ISOs will not boot. If this occurs, work with your Linux vendor to get an update.
However, that seems to have still caused problems for those that do dual-boot. Oops. There's been quite a few reports of people unable to boot into their Linux distributions as a result of this update. A potential solution can be found in an Ubuntu Discourse post from 2023 for a previous issue.
Microsoft haven't yet said anything about it that I can find, and their update page notes "Microsoft is not currently aware of any issues with this update", so clearly that needs an update.
Article taken from GamingOnLinux.com.
Aug 21
It seems "legacy" boot is unaffected.
pleasereadthemanual Aug 21
StoneColdSpider Aug 21
QuoteMicrosoft haven't yet said anything about it that I can find, and their update page notes "Microsoft is not currently aware of any issues with this update", so clearly that needs an update.Well..... Its not an "issue" if its planned is it???......
risk of sabotage, and they can claim it was an accident.
Claude_Lib Aug 21
soulsource Aug 21
Quoting: Claude_LibI have Windows on a separate drive for rare occasions when I need it. The only clue two systems have about each other's existence is that Windows messes up the clock because I keep forgetting to set the RealTimeIsUniversal registry key.This update might break exactly such setups. The list of revoked keys is stored in an EFI variable (-> mainboard memory), and if Windows is unaware that there is a Linux installation, it will happily update that list - making Secure Boot prevent the execution of GRUB versions signed with the now-revoked keys.
Claude_Lib Aug 21
Quoting: soulsourceThis update might break exactly such setups. The list of revoked keys is stored in an EFI variable (-> mainboard memory), and if Windows is unaware that there is a Linux installation, it will happily update that list - making Secure Boot prevent the execution of GRUB versions signed with the now-revoked keys.I guess it's a good thing that I have Secure Boot disabled then.
Caldathras Aug 21
Secure Boot is a nuisance I prefer to leave disabled.
They mention that only old Linux ISOs won't boot. Why do I get the feeling that they didn't even test?
Mohandevir Aug 21
The only way I'll use Windows is through GeForce Now. I'll let Nvidia manage this garbage OS.
They didn't install it, they've their own bootloader called Windows Boot Manager.
They specifically set out and changed the grub bootloader.
The grub bootloader is the indication of dual boot and microsoft has a long and frustrating history of messing with it.
They didn't need to "fix" this, it's not their product and not their problem.
Paws off pal.
Last edited by LoudTechie on 21 August 2024 at 6:34 pm UTC
Last edited by ToddL on 22 August 2024 at 5:13 am UTC
Schattenspiegel Aug 21
Linux_Rocks Aug 21
Quoting: Claude_LibI have Windows on a separate drive for rare occasions when I need it. The only clue two systems have about each other's existence is that Windows messes up the clock because I keep forgetting to set the RealTimeIsUniversal registry key.I always just set Linux to use local time. One quick line in terminal is easier than a registry edit in Windows.
PC Owner: "Actually, this is my beach, I just invited you as a guest and--"
Microsoft: "Whoops!" *trips over itself* "Oh no! The sand castle!" *snickers* "Well, it's not a danger to anyone anymore!"
PC Owner: "... You know what... I let you in. I deserve this."
And this is how I see this situation. Microsoft can't hurt you if you don't invite it in, we are at the "Fool me for the 18549178217th time, what am I doing with my life?" stage.
Patreon
PayPal
See more from me