Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.
Breaking News
posted by janrinok on Thursday August 22, @06:28PM   Printer-friendly

Arthur T Knackerbracket has processed the following story:

Microsoft's Patch Tuesday for August 2024 includes a fix for a security vulnerability in the Grub2 boot loader, which is used by many Linux operating systems. Tracked as CVE-2022-2601, this flaw, discovered in 2022, could lead to an out-of-bounds write with a potential bypass of Secure Boot protection.

The Grub2 boot loader provides compatibility with the Secure Boot technology on PCs running Linux systems. After installing the new patch, Windows applies a Secure Boot Advanced Targeting (SBAT) policy to block vulnerable Linux boot loaders that could compromise OS security.

Microsoft explained that the SBAT value would not be applied to dual-boot systems with both Windows and Linux on the boot drive, so the patch was expected not to impact these systems. However, many users with dual-boot configurations have reported that the CVE-2022-2601 update still rendered booting into a Linux OS impossible.

The issue appears to affect various Linux distributions, including popular ones such as Ubuntu, Linux Mint, Zorin OS, Puppy Linux, and others. Affected systems typically display a "Security Policy Violation" error at boot, indicating a failed check on "shim SBAT data." Boot problems have been reported on both dual-boot systems and on Windows devices running Linux from an ISO image, USB drive, or optical media.

Microsoft's bulletin noted that only older Linux distros' ISOs were expected to experience boot issues following the CVE-2022-2601 patch. However, users with systems released in 2024 also seem to be affected. The only reliable way to restore a bootable state appears to be disabling Secure Boot entirely. Alternatively, users can follow the steps to remove the SBAT policy introduced by Microsoft this past week.


Original Submission

 
This discussion was created by janrinok (52) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Tork on Friday August 23, @10:42PM

    by Tork (3914) Subscriber Badge on Friday August 23, @10:42PM (#1369801)

    Just don't use Windows. Problem fixed.

    So... do linux users just play around at a bash prompt and edit text files all day? Just curious because when it came time for me to dump Windows it wasn't about which OS was better, it was about how the apps I need to run work on that OS. Lotsa people told me to switch OSs and not one of them said "What do you use your computer for?"

    --
    🏳️‍🌈 Proud Ally 🏳️‍🌈
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2