The TLDR is that Microsoft released a secure boot update that blocked insecure versions of GRUB. This update was only meant to go out to Windows users since releasing it to dual booted users could break GRUB. However, it was accidentally also released to dual-booted users.
The fix involves disabling dual boot, running a command to reset secure boot, then re-enabling.
accidentally
Right.
Accidentally on purpose
Windows is best run in a VM in Linux. Who knows what the hell it does when it’s running on bare metal. Do you trust Microsoft not to poke around in your Linux disks when you boot into Windows? I don’t.
Windows, as any operating system, is best run in a context most useful to the user and appropriate for the user’s technical level.
- Need to run Windows apps/games and aren’t afraid to tinker around if and when something doesn’t work as expected or your software simply isn’t supported? WINE/Proton.
- Need to run mostly light Windows apps and don’t want to tinker around? VM.
- Need to run Windows apps/games that don’t rely on Kernel-Level Anti-Cheat, want direct hardware access and aren’t afraid to tinker around, especially if you only have one GPU, and when something doesn’t work as expected? KVM
- Need to run any Windows app/game without things constantly breaking or the need to tinker around and staying on top of things? Dual-Boot from different disks, utilize LUKS/FDE and be done with it.
I don’t trust them in literally any manner at all.
I actually tried it before for my TV PC that I wanted to also use as a miniserver, with gpu pass through and everything. It was painful to get it working properly, was like 30-40% slower. I also had constant problems with USB peripherals not connecting properly, or going in a sleep state and not waking. Many games didn’t work properly.
Then I decided to just buy a cheap second second hand PC and never looked back.
Well I have my Linux partition encrypted with a unique password. But I don’t dual boot anyway …
And this is why I don’t dual boot anymore. Or run Windows anymore for that matter. Learn to play nicely with others please, Microsoft.
Same. It can’t even work correctly when I try and put it into a specific box.
The ultimate issue is a distaste for giving any corporation any control over hardware that I, alone, own.
I have been entirely M$ free for a while now with the exception of one machine which basically acts as a server at this point just hosting hard drives, a thermal label printer and the network scanning applet that my mfp talks to. Every machine I actually use is Linux and I’ve never been happier with the performance of my tech.
Newbie question: does this affect people using systemd-boot? Does anyone use systemd-boot?
deleted by creator
[This comment has been deleted by an automated system]
deleted by creator
deleted by creator
Is this teaching us not to dual boot and to have separate devices?
Secure boot borking systems? Windows assuming it’s the only OS on the machine? I’m shocked
Windows assuming it’s the only OS on the machine
That’s not the case. The update was only meant to go out to Windows users. But Microsoft messed up and accidentally released to all users, or at least some who weren’t supposed to receive it. My guess is that Microsoft usually doesn’t update secure boot stuff for dual boot users and instead waits for the distro to push the update.
The bottom line is that a windows update broke grub. Again.
deleted by creator
It’s a vulnerability that affects secure boot through grub. MS is the interested party in patching it because they’re the ones selling secure boot certifications. It doesn’t surprise me a bit if the open source community is not interested in patching secure boot holes.
[This comment has been deleted by an automated system]
Ah, delete the windows partition. That should keep me safe.
