This October 8, Microsoft has released a new update for Windows 10, update KB5044273, which is mandatory and aims to solve various security problems. The update, available for PCs with Windows 10 21H2 and Windows 10 22H2, is good news for users of this operating system, since it represents a new influx of life despite the fact that the new version of Windows, 11, is the focus of attention of Microsoft currently.
Unfortunately for some users, this update for Windows 10 builds 19044.5011 and 19045.5011 has reported issues for those using dual boot with a Linux operating system.
Dual boot is a tool that allows the user to choose when starting the computer whether to use the Windows or Linux operating system, making it possible to have both installed and available on the PC at the same time.
As Microsoft has stated in the “known issues” section of this update, users with dual boot enabled may experience problems after downloading it to their computer.
“After installing this security update, you may have trouble booting Linux if you have enabled dual boot setup for Windows and Linux on your device. As a result of this issue, your device may fail to boot into Linux and display the error message ‘Error verifying shim SBAT data: Security policy violation. Something went very wrong: Error in the SBAT self-test: security policy violation,’ the company explains.
The origin of the problem dates back to a security update released in August of this year, in which Microsoft applied a Secure Boot Advanced Segmentation (SBAT) configuration with the aim of protecting some older devices from certain vulnerabilities. The thing is that, although this patch included a detector to not install on PCs with dual boot, this program failed to properly detect some custom dual boot methods.
That is why, now, the new update has caused problems when installing components that it should not on PCs with dual boot activated. As we say, the problem has actually existed since mid-August, and is resolved by adding an entry to the Windows Registry or disabling secure boot within the computer’s BIOS.
How to fix the bug
If you are one of the affected users and, after installing the update, you have lost the dual boot option or cannot start your computer, you can try one of these solutions:
- If Windows won’t start, disable secure boot within your BIOS. To do this, press the key DEL either F2 when you start the computer and access the Boot section (BOOT). Look for the Secure Boot option and disable it.
- If Windows starts but you can’t access dual boot, you will need to uninstall the latest update or run the following script:
- Press the Windows start button, type CMD to run the command prompt as administrator
- Write the following line: reg add HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecureBootSBAT /v OptOut /d 1 /t REG_DWORD
- Restart your computer
In any case, Microsoft will already be working on a new patch to solve this error in the shortest time possible.