Microsoft patched the BitLocker recovery page issue in Windows 11 and 10 with the August 2024 security update. Surprisingly, the update introduces a bug that affects all the dual-boot PC with Linux. Users can no longer boot to their Linux installation and encounter an error message.
Microsoft updated its official health page to report this newfound problem with the update. The reason behind this problem is the Secure Boot Advanced Targeting (SBAT) setting that the company introduced with the update. SBAT’s function is to block outdated and unsecured boot managers.
But it didn’t recognize systems with dual-boot configuration and blocked them. It isn’t the intended behavior of the feature, which now obstructs users from accessing their Linux operating system with the following error message:
“Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”
This bug doesn’t spare any Windows OS versions or editions. So, all supported Windows 11, 10, and Server versions that use Linux in dual-boot will face this issue. Thankfully, the Windows OS boots without any issues.
There’s a silver lining if you haven’t applied the update on their PC. Microsoft suggests a registry tweak that will prevent SBAT from blocking the Linux access on your PC. Here’s how to do it:
- Open the Command Prompt with administrative rights.
- Type the following command and press Enter:
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\SBAT /v OptOut /d 1 /t REG_DWORD
- Close the Command Prompt window.
Once Microsoft fixes the issue, you’ll have to delete this registry key to ensure that future SBAT updates are installed on your PC.
What should I do if I have installed the August 2024 update?
If you applied the update on your PC, then the only option is to remove it. You can do so by navigating to Settings > Windows Update > Update history > Uninstall updates. Find the most recent update and click on the Uninstall button to remove it from your PC. Or you can use the WinRE page to remove updates.
The KB5041585 update for Windows 11 includes a myriad of problems. Windows Latest, like many users, encountered the infamous install error, whereas others noticed a performance drop after successfully installing the update.
Many users faced low memory issues while playing Diablo and other games even when their system had ample free memory.
Valorant players witnessed issues with Vanguard, an anti-cheat system that runs in the background. Its driver failed to pass the Hardware-enforced Stack Protection check. The game will still work if you pick the Disable option. However, that poses a security risk.
Since this update patched a critical bug with IPv6, uninstalling it would compromise the PC. You can check our post on how to disable IPv6 and remove the update.
Note that Microsoft hasn’t officially acknowledged any of these problems with the Windows 11 August security update.
Windows 10 still has the profile picture bug, which produces the error code 0x80070520 whenever you try to change the profile picture.