May 2025 Patch Tuesday update KB5058405 fixes Windows 11 Linux dual-boot issue

In most cases, Microsoft tries to fix issues and security vulnerabilities with Patch Tuesday updates. But, sometimes, things can go south, and that’s exactly what happened last August with Windows 11 and Linux dual-boot setups.

After the update, systems running Ubuntu, Debian, Mint, Zorin OS, and Puppy Linux stopped booting properly. Microsoft informed users that it was caused by to implementation of SBAT in update KB5041585 for Windows 11.

For the uninitiated, SBAT, or Secure Boot Advanced Targeting, is meant to block unsafe or outdated bootloaders. It checks them against the Secure Boot DBX, a blacklist of known bad UEFI files. But this update flagged valid Linux bootloaders, locking users out of their systems. Suddenly, Windows booted fine, but Linux didn’t.

While Microsoft came up with a workaround, it wasn’t as simple as many thought it to be. It required tweaking policies and editing the Registry—steps not everyone is comfortable with. The fix worked, but it left users frustrated and cautious about future updates.

Microsoft has fixed Linux boot issues on dual-boot Windows 11 systems

Now, Microsoft has come up with an explanation:

After installing the August 2024 Windows security update, (KB5041585) or the August 2024 preview update, you might face issues with booting Linux if you have enabled the dual-boot setup for Windows and Linux in your device. Resulting from this issue, your device might fail to boot Linux and show the error message “Verifying shim SBAT data failed: Security Policy Violation. Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation.”

The August 2024 Windows security and preview updates apply a Secure Boot Advanced Targeting (SBAT) setting to devices that run Windows to block old, vulnerable boot managers. This SBAT update will not be applied to devices where dual-booting is detected. On some devices, the dual-boot detection did not detect some customized methods of dual-booting and applied the SBAT value when it should not have been applied.

Well, things are fine now. Microsoft has fixed the Windows 11 and Linux dual-boot issue with the May 2025 Patch Tuesday update KB5058405. If the issue is still bugging you, do let us know in the comments below.