Linux And Windows Users Are Affected By The Microsoft Update

Once again, an update from Microsoft that has apparently not been sufficiently tested is causing serious problems for many users. According to reports that have emerged in the last few days after the latest patch day, many dual-boot systems are affected.

Linux bypassed

This problem affects users who run a Linux system alongside Windows on the same PC and choose between the two at startup. After installing the new patch, the system would no longer start and only displayed the message: “Something has gone seriously wrong”. The cause of this error was an update that Microsoft released as part of its monthly patch release.

The update was intended to finally close a security hole in the GRUB bootloader that has been known for two years. GRUB is used in many Linux systems. The vulnerability, which was rated at a severity level of 8.6 out of 10, allows attackers to bypass Secure Boot.

Secure Boot is an industry standard designed to ensure that no malicious software is loaded when a device boots up. The security flaw, known as CVE-2022-2601, was discovered in 2022 but has only now been patched by Microsoft. As a result of the update, devices that use both Windows and Linux in dual-boot mode could no longer boot into the Linux operating system if Secure Boot was enabled. Users reported an error message that blocked the boot process. This issue affected several Linux distributions, including Debian, Ubuntu, Linux Mint, Zorin OS, and Puppy Linux.

Workaround provides relief

According to Microsoft’s security bulletin, the update was only supposed to be installed on devices that use Windows exclusively. Dual-boot systems were not supposed to be affected, but this turned out to be incorrect. There has been no statement from Redmond about the reasons so far.

Affected users have therefore had to look for solutions themselves. One option is to disable Secure Boot, but this is not ideal depending on the user’s security requirements. A better short-term solution could be to delete the SBAT policy implemented by Microsoft, which retains at least some of the Secure Boot functionality, although the system would then again be vulnerable to attacks exploiting CVE-2022-2601. This works as follows:

  • Disable Secure Boot in BIOS/UEFI
  • Start in Linux and open the terminal
  • Delete the SBAT policy there with “sudo mokutil --set-sbat-policy delete”
  • Restart and boot back into Linux to automatically update the SBAT policy
  • Restart and re-enable Secure Boot in BIOS/UEFI
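
Before re-enabling Secure Boot in the last step, it helps to confirm that the installed bootloader's SBAT generations meet the revocation levels held in firmware, because a component below its minimum generation is what gets refused at boot. The shell check below is an added example, not code from Microsoft or from the original article; the function name sbat_rejected, the component grub.example and all sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a boot binary's SBAT entries with SBAT revocation levels.
# On a real system the inputs would come from (not run here; path is a placeholder):
#   mokutil --list-sbat-revocations
#   objcopy -O binary --only-section=.sbat /path/to/bootloader.efi /dev/stdout

# sbat_rejected LEVELS BINARY_SBAT
# Prints every component whose generation is below the required minimum.
# Exit status: 0 = all components pass, 1 = at least one would be refused.
sbat_rejected() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk -F, '
        $0 == "---" { in_binary = 1; next }        # separator between inputs
        NF < 2      { next }                       # skip blank or malformed lines
        !in_binary  { min[$1] = $2 + 0; next }     # level entry: name,minimum
        ($1 in min) && ($2 + 0 < min[$1]) {        # binary entry below minimum
            printf "%s: generation %d < required %d\n", $1, $2, min[$1]
            bad = 1
        }
        END { exit bad + 0 }'
}

# Constructed revocation levels (component,minimum generation).
LEVELS_SAMPLE='sbat,1,2024010900
shim,4
grub,3
grub.example,4'

# Constructed .sbat contents: name,generation,vendor,package,version,url
OLD_BOOT_SBAT='sbat,1,SBAT Version,sbat,1,https://example.invalid/sbat
grub,2,Example Upstream,grub,0.0-constructed,https://example.invalid/grub
grub.example,3,Example Distro,grub2,0.0-constructed,https://example.invalid/pkg'

NEW_BOOT_SBAT='sbat,1,SBAT Version,sbat,1,https://example.invalid/sbat
grub,3,Example Upstream,grub,0.0-constructed,https://example.invalid/grub
grub.example,4,Example Distro,grub2,0.0-constructed,https://example.invalid/pkg'

# Run the check on both constructed binaries and report the verdict.
for name in OLD_BOOT_SBAT NEW_BOOT_SBAT; do
    eval "data=\$$name"
    if sbat_rejected "$LEVELS_SAMPLE" "$data"; then
        echo "$name: passes the current levels"
    else
        echo "$name: would be refused under Secure Boot"
    fi
done
```

A generation equal to the required minimum passes; only a strictly lower one is reported.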

These incidents raise the question of how safe and reliable Secure Boot really is. Over the last 18 months, several vulnerabilities have been discovered that call the security mechanism fundamentally into question. Although Secure Boot improves security when starting Windows, there seem to be increasing problems and vulnerabilities that leave the system exposed.