Last Tuesday, loads of Linux users—many running packages released as early as this year—started reporting their devices were failing to boot. Instead, they received a cryptic error message that included the phrase: “Something has gone seriously wrong.”

The cause: an update Microsoft issued as part of its monthly patch release. It was intended to close a 2-year-old vulnerability in GRUB, an open source boot loader used to start up many Linux devices. The vulnerability, with a severity rating of 8.6 out of 10, made it possible for hackers to bypass secure boot, the industry standard for ensuring that devices running Windows or other operating systems don’t load malicious firmware or software during the bootup process. CVE-2022-2601 was discovered in 2022, but for unclear reasons, Microsoft patched it only last Tuesday.

The reports indicate that multiple distributions, including Debian, Ubuntu, Linux Mint, Zorin OS, Puppy Linux, are all affected. Microsoft has yet to acknowledge the error publicly, explain how it wasn’t detected during testing, or provide technical guidance to those affected. Company representatives didn’t respond to an email seeking answers.

16 points

They had to know this would happen, right?

Like, they didn’t think to test with a dual booting system? Wtf?

Where do they even get off fixing a bug in grub?

permalink
report
reply
40 points

Has SecureBoot ever accomplished anything vaguely resembling security?

permalink
report
reply
2 points

Yes, it made people realize we don’t need Secure Boot and it’s just a pit of vulnerabilities.

permalink
report
parent
reply
14 points

Yeah, it made installing Linux more difficult, so it actually lowered computer security by pushing you to use windows

permalink
report
parent
reply
17 points

Securing proprietary hardware against peeps installing alt OSes

permalink
report
parent
reply
14 points

It ain’t done til GRUB don’t run?

permalink
report
reply
54 points

This sort of ridiculousness is why I got two seperate drives (needed the extra space anyways) and choose which one to boot from the mobo EFI menu.

permalink
report
reply
19 points

Yep, I don’t even fuck with grub since that has fucked me over in the past too, I just go into the fucking bios and select it manually lmao

permalink
report
parent
reply
44 points

windows update can and will always find your dual boot eventually and break it

permalink
report
reply
3 points

I got around that by having two EFI partitions, grub linux partition is loaded always at boot and it chainloads to the Windows EFI boot partition if I choose Windows. Windows does not know another partiton exists.

permalink
report
parent
reply
1 point

Yet. They will come for you, too, eventually.

permalink
report
parent
reply
1 point

Probably, but so far so good after 7 years, only thing is I have to enrol the MOK? key in the Secure boot after major kernel updates. Which amount to typing a password at the MOK boot screen to enroll the key

permalink
report
parent
reply

Linux

!linux@lemmy.ml

Create post

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

  • Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
  • No misinformation
  • No NSFW content
  • No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

Community stats

  • 6.4K

    Monthly active users

  • 4K

    Posts

  • 55K

    Comments