Summary

Article Metadata

Linux Boot Failure Caused by Patch

This is a Linux news story, published by Ars Technica, that relates primarily to Secure Boot news.

Linux news

For more Linux news, you can click here:

more Linux news

Secure Boot news

For more Secure Boot news, you can click here:

more Secure Boot news

News about operating systems

For more operating systems news, you can click here:

more operating systems news

Ars Technica news

For more news from Ars Technica, you can click here:

more news from Ars Technica

About the Otherweb

Otherweb, Inc is a public benefit corporation, dedicated to improving the quality of news people consume. We are non-partisan, junk-free, and ad-free. We use artificial intelligence (AI) to remove junk from your news feed, and allow you to select the best tech news, business news, entertainment news, and much more. If you like this article about operating systems, you might also like this article about

secure boot

. We are dedicated to bringing you the highest-quality news, junk-free and ad-free, about your favorite topics. Please come every day to read the latest boot devices news, SecureBoot news, news about operating systems, and other high-quality news about any topic that interests you. We are working hard to create the best news aggregator on the web, and to put you in control of your news feed - whether you choose to read the latest news through our website, our news app, or our daily newsletter - all free!

mess Secure Boot

Ars Technica

•

“Something has gone seriously wrong,” dual-boot systems warn after Microsoft update

Summary

Nutrition label

70% Informative

Microsoft issued an update to close a 2-year-old vulnerability in GRUB , an open source boot loader used to start up many Linux devices.

The vulnerability, with a severity rating of 8.6 out of 10 , made it possible for hackers to bypass Secure Boot .

Multiple distros, both new and old, affected Tuesday ’s update left dual-boot devices—meaning those configured to run both Windows and Linux — no longer able to boot into the latter when Secure Boot was enforced.

“At the end of the day , while Secure Boot does make booting Windows more secure, it seems to have a growing pile of flaws that make it not quite as secure as it's intended to be,” said Will Dormann , a senior vulnerability analyst at security firm Analygence. “ SecureBoot gets messy in that it's not a MS-only game, though they have the keys to the kingdom. Any vulnerability in a SecureBoot component might affect a SecureBoot-enabled Windows -only system. As such, MS has to address/block vulnerable things.”.

VR Score

Informative language

Neutral language

Article tone

formal

Language

English

Language complexity

Offensive language

not offensive

Hate speech

not hateful

Attention-grabbing headline

not detected

Known propaganda techniques

not detected

Time-value

short-lived

External references

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2022-2601 https://en.wikipedia.org/wiki/GNU_GRUB https://community.frame.work/t/sbat-verification-error-booting-linux-after-windows-update/56354 https://www.reddit.com/r/linuxquestions/comments/1euuha4/please_help_error_message_verifying_shim_sbat/https://forums.linuxmint.com/memberlist.php?mode=viewprofile&u=381346 https://discourse.ubuntu.com/t/sbat-revocations-boot-process/34996 https://askubuntu.com/questions/1523353/windows-aug-13-update-broke-my-ubuntu-system https://www.gnu.org/software/grub/manual/grub/html_node/Secure-Boot-Advanced-Targeting.html https://forums.linuxmint.com/viewtopic.php?t=427297&sid=dab5f35699069b1d030e710a1eb3c793 https://www.howtogeek.com/356714/what-is-an-iso-file-and-how-do-i-open-one/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2601 https://www.reddit.com/r/linux4noobs/comments/1euuiwv/please_help_error_verifying_shim_sbat_data_failed/

Source diversity

msrc.microsoft.com en.wikipedia.org community.frame.work www.reddit.com forums.linuxmint.com discourse.ubuntu.com askubuntu.com www.gnu.org www.howtogeek.com cve.mitre.org

Affiliate links

no affiliate links

Read full article