Skip to main content


Microsoft’s latest security update has ruined dual-boot Windows and Linux PCs


reshared this

in reply to Jeena

If Microsoft didn't have a decades-long record of pulling shit like this, they might get the benefit of the doubt.
in reply to Ensign_Crab

Never attribute to malice that which is adequately explained by stupidity
in reply to Shadow

Microsoft has been consistently "stupid" for a very long time about this one particular thing.
in reply to Shadow

Stupidity doesn't adequately explain the number of times they have done this. I'm surprised it's even a headline anymore.
in reply to Shadow

Never attribute to malice that which is adequately explained by stupidity


Emphasis mine. Incompetence on Microsoft's part is not an adequate explanation for this latest action matching a pattern of other actions designed to antagonize FOSS users.

in reply to Shadow

I hate this phrase.

A lot of the time, people (and especially monopolistic, tax-dodging, $3.2 trillion multinationals with a long history of anti-competitive behaviour) really are just cunts.

Time and time again, we see big companies doing anything they can to destroy competition, mislead customers, etc.

Never attribute to stupidity what can be adequately explained by malice.

in reply to TheGrandNagus

In business and politics "malice" and "stupidity/incompetence" are one and the same.
in reply to TheGrandNagus

stupidity is a once-off

malice is a pattern

and even if it’s not malicious, a pattern of stupid action needs to be stopped just as much as malicious action

This entry was edited (5 months ago)
in reply to Pup Biru

stupidity is a once-off


🎶 ...this iiiiis my one an only wiiiiiiish! 🎶

in reply to obbeel

Well, you can just fix the bootloader, but that's not super exciting I guess.
in reply to just_another_person

People who dual boot are likely to be linux newbies just trying it out. They're more likely to blame linux when microsoft does what it does to competitors.
in reply to Ensign_Crab

I dual boot and am maybe considered a newbie. But I’ve had this set up for about a year slowly preparing to stop using Microsoft crap. It’s part of a longer path to digital privacy that was kicked into gear when the win 11 update made my Wi-Fi card disappear, like gone- like it was never installed. Fuck HP and Microsoft

Ironically I had disabled secure boot to try another distro. Was going to drop Ubuntu for something else, still might but no rush, plenty to learn.

in reply to MagnumDovetails

It's not just about privacy. Linux and open source communities are a safespace for a novel way of doing things.
in reply to obbeel

I’ve noticed that, I also appreciate you can kinda tinker which I appreciate. It’s wild being so accustomed to the limited control you have from using windows and mainstream software
in reply to MagnumDovetails

As a noob myself I can suggest KDE Neon. It's quite similar to Windows. I switched 2 of my machines over and when the security updates stop for Windows 10 my gaming machine will switch also. I'm very satisfied 6 months in.
in reply to Ensign_Crab

That's not necessarily true, I dual boot and I've been using Linux for my main OS for about 15 years now. I rarely use mine but it is useful/needed occasionally.
in reply to Unquote0270

Hence "are likely to be," not "are always."
This entry was edited (5 months ago)
in reply to Ensign_Crab

Your assessment of probability is speculation and I didn't suggest you meant "always".
in reply to Unquote0270

Your assessment of probability is speculation


It is, but anecdote is insufficient to counter it.

in reply to obbeel

That's what happens when you don't keep windows locked inside a virtual machine.
in reply to cmnybo

Microsoft breaks bootloader and nixes Linux partition

Microsoft: "patch seems to be working as intended"

in reply to obbeel

I dual booted a few times back in the days of winxp and win7. Never had a good experience somehow windows or a grub update always messed up things. Haven't ran windows in years but when I have to it goes on a separate drive now.
in reply to obbeel

Not the first time. I thought a Windows 10 update wiped grub, but Microsoft actually deleted my entire Linux partition. Others have experienced the same thing.

Windows is required for a couple of apps I need with no alternatives, but the only way it runs on any of my computers is in a VM.

in reply to obbeel

So they were trying to patch systems that use GRUB for Windows-only installs? What a load of BS. Why would anybody install GRUB to boot only Windows with that? Or am I overlooking something?

Furthermore, if GRUB has a security issue, they should've contributed a patch at the source instead of patching it themselves somehow.
I'm a bit stunned at the audacity of touching unmounted filesystems in an OS patch. Good thing Windows still doesn't include EXT4 and BTRFS drivers because they might start messing with unencrypted Linux system drives at this rate

in reply to Nick

[This comment has been deleted by an automated system]
This entry was edited (4 months ago)
in reply to Skull giver

What is that latter fallback called? I set up my boot manually using an EFI stub last time I installed arch but wasn't aware of any fallback bootloader
in reply to murtaza64

[This comment has been deleted by an automated system]
This entry was edited (4 months ago)
in reply to Skull giver

Thanks for the detailed explanation, makes a lot of sense! I guess what I did was set up a UEFI entry that specifies the location of the Linux kernel without any intermediate bootloader. Pretty sure I didn't set the fallback, so I'm guessing that's still owned by windows.
in reply to murtaza64

[This comment has been deleted by an automated system]
This entry was edited (4 months ago)
in reply to Nick

I agree they should have sent a patch to the grub source, but keep in mind big software companies like microsoft, Verizon, ... do not normally allow their product teams to send a patch or PR to open source projects. This is because in their contract it states that all code written on and during company times is owned by the company. This means that it is impossible for them to make a patch or PR because it would conflict with the projects licence and fact its open source.
This changes when the team explicitly works on the foss product/project like the ms wsl team or the team working on linux supporting azure hardware, but that is an exception. I do not believe the microsoft kernel/bootloader team is allowed to send patches to grub.

Its a terrible thing, and it shouldnt be, but thats the fact of the world atm.

This entry was edited (4 months ago)
in reply to DacoTaco

this changes nothing: microsoft should have sent a patch remains microsoft should have sent a patch; internal policies are irrelevant to actions effecting external projects
This entry was edited (5 months ago)
in reply to DacoTaco

What? Microsoft have written and released and contributed to many open source projects - they created vscode for one. They are even one of the top contributors to the Linux kernel.
in reply to nous

Yes, but not all devs within microsoft are allowed to work on non-ms foss projects. I assume wsl devs are allowed to send stuff to linux but visual studio devs probably are not.
in reply to DacoTaco

The wrote and released VS Code - a completely opensource development environment. If they wanted to patch Grub I bet they could have found the permissions internally to do that. Microsoft is a lot more open to OSS contributions then they were in the past.
in reply to nous

Not saying youre wrong, but you took the wrong project as an example hehe.
Visual code is not open source. Its core is, but visual code isnt.
The difference is what visual code ships with, on top of its core.
Its like saying chrome == chromium ( it isnt ).

Visual code comes with a lot of features, addins and other stuff that isnt in the core.
.net debugger for example, is not found in vscodium ( build of the vscode core ). And there is more stuff i cant think of now but have come across.
Source: been using vscodium for a few months instead of vscode

in reply to DacoTaco

Sure, my bad. But it does not change my point. They have released stuff as opensource even if not all of it. Which means they can if they want to.
in reply to nous

I know, hence why i said youre not wrong but the example was wrong :p
Also, its more complex than that. Some teams can, some cant. And if they can it all depends on what project or context. The business world isnt that cut and dry hehe
in reply to DacoTaco

Not true. A lot of commonly known closed source companies contribute to open source software, including Linux and BSD
in reply to tired_n_bored

And not every team is allowed to do that.
Also, youre telling somebody who has worked with big companies not allowing it in their employer contract that he is lying? Riiiight...
A lot of google devs also are not allowed to do any linux work outside of work without explicit permissions because of all the internal docs, teams and other work being done on linux from within google. Development rights is an absolute mess, legally.
I usually dont care and do what is right, despite what my emploter contract says, but i have gotten in trouble for it
This entry was edited (5 months ago)
in reply to DacoTaco

They can forbid you to work on opensource stuff while being in free time? I mean, I understand that you are not allowed to generate open code that utilises private know how of the company you work for. But not working on Linux in free time seems very strange to me 😮

Edit: deleted wrong “Edit:”


I keep Linux and windows on separate disks, grub or windows boot manager don't know about each other.
I have the Linux disk as the primary boot, if I need to boot into windows i use the bios boot selection screen.
It's a bit of a pain at times(have to mash F12 to get the bios boot menu) bit it's less of a headache than trying to fix grub

This entry was edited (4 months ago)
in reply to Petter1

Thats just dual booting. That wont work with the law if the contract says anything created using company hardware is theirs.
And yes, some companies need to give you a green light to work on projects in your free time, because they might have a team doing similar things somewhere, it might compete in something they would like to do in the future or like you said, might use company know how which is a huge nono.
Its bs imo, but those clauses and rules are found in some employment agreements.
Remember, always read your employment agreements!
This entry was edited (5 months ago)
in reply to Petter1

Yeah if you write proprietary code and then work on a similar project in your spare time, your company might sue you because you're likely reusing code you've seen or written at work.

For example Windows developers are forbidden from working on ReactOS

in reply to DacoTaco

I'm not saying you're lying, but you said

do not allow software developers to send a patch or PR to open source projects.


But this sentence in particular was misleading. Maybe you specifically did not have the right to do so, but in the Linux and BSD codebases there are a lot of @microsoft @netflix @oracle contributions, so at least there is someone in those companies authorized to do so

in reply to tired_n_bored

Fair, and ill edit my post accordingly!

There are teams that are allowed, and within those companies are teams that are directly related to foss projects because those companies are in the foundation or supports of the foundation. However, thats doesnt mean every (product) team in the company is allowed to or that they can do or change whatever they like. Its a complex mess

in reply to DacoTaco

This means that it is impossible for them to make a patch or PR because it would conflict with the projects licence and fact its open source.


That's not how it works. It just means the company owns the code for all intents and purposes, which also means that if they tell you that you can release it under a FOSS license / contribute to someone else's project, you can absolutely do that (they effectively grant you the license to use "their" code that you wrote under a FOSS license somewhere else).

in reply to Nick

In the mind of Microsoft, Windows is the only OS and all things on computers exist to facilitate Windows.
in reply to Nick

lol they fuck with my BIOS boot settings to the point i had to password it. they are that bad.
in reply to obbeel

Doesn't Windows break dual booting semi-regularly? I've always avoided it as I've had friends get burned by this in the past. I guess I just keep different OSes on different drives, but that obviously isn't feasible for everyone.
in reply to slembcke

I know that used to be the case. It's why I stopped trying to use a dual-booting system and instead just installed windows in Virtualbox.
This entry was edited (5 months ago)
in reply to NauticalNoodle

Yeah, it did get me to stop also a dual boot with Linux. I'm mostly Windows, so I've just used Linux in VMs.
in reply to slembcke

I have dualboot set-up on my MacBook and have no. But it is a long time ago, since I last started macOS and my Mac would not get new macOS updates anyway😂 that was the reason to install Linux in the first place 😝
in reply to slembcke

Legit have never had an issue with multi boot and windows like ever, tbf I don't go into windows that frequently anymore but it's never given me grief in at least a decade. I know my experience isn't universal though, so sorry to anyone who does have boot issues after windows updates.

In the worst case, could use bcdedit and use the windows boot loader (tbh I have no idea if that works here, but could be worth a try)

in reply to obbeel

Does having Linux and Windows on seperate drives mitigate this issue somewhat?
Wanting to start dual booting and moving to windows. Wondering if that helps at all.
Edit: I meant moving to Linux... >.>
This entry was edited (4 months ago)
in reply to IncogCyberspaceUser

I keep Linux and windows on separate disks, grub or windows boot manager don't know about each other.
I have the Linux disk as the primary boot, if I need to boot into windows i use the bios boot selection screen.
It's a bit of a pain at times(have to mash F12 to get the bios boot menu) bit it's less of a headache than trying to fix grub
in reply to JackDavies

I took this approach as well but I let Grub add Windows as a boot option. No mashing keys at post and Windows doesn't get to touch Grub or Debian.
in reply to Nik282000

I have considered adding windows to grub, but these days I hardly boot into windows so there is probably not much point.
in reply to 0x0

I'd only use windows for gaming really, wouldn't running it in a VM be less optimal in that vase? In terms of performance of windows and playing fames within the VM.
in reply to IncogCyberspaceUser

Really depends on the virtualization technology, hardware, configuration and game. Not a gamer myself.

Gaming on linux has come a long way in recent years though, in no small part thanks to Steam.

in reply to 0x0

Do you think I can program on a Windows VM? Do you work with it? I still use Windows because I need my programs to work on Windows (had my programs built on Linux fail on Windows Machines before). Do you have experience on this?
in reply to obbeel

That wouldn't be about the VM but the OS. If the software is built to target linux without care for portability then it'll fail on windows - you'd have to compile it targetting windows, either using the Visual Studio compiler or MinGW's gcc, be it native for windows under MSYS2 or using a cross-compiler variant.
in reply to IncogCyberspaceUser

Not on my experience. But separate machines would work, if Microsoft never releases a "Wi-Fi network security patch for compatibility with all machines".
in reply to obbeel

This is a regular occurrence and honestly we need to stop recommending dual boot. Use separate drives if you need to, but sharing the same drive is destined to brick something
in reply to merthyr1831

I don't think dual boot has ever been a good solution (unless you also run one or both of the OS's under the other in a VM).

Like, if you are unsure about linux, trying it out, learning, whatever, you can just boot a live"cd", or maybe install it on an external (flash) drive.

If you are kinda sure you want to switch, just nuke Windows; it's easier to switch that way than to have everything on two systems, having to switch.

in reply to Amju Wolf

That is until you want to switch and use mostly linux, but you have friends who want to play one of those few games that only works on windows
in reply to kameecoding

The second windows isnt the only option for "all games without any effort", it will be dead.
in reply to Freefall

Well i believe it already is for the majority of games, though I don't game anymore so I don't know, proton wasnt 100% a year or two back
in reply to kameecoding

I've been on Steam+Proton for more than 3 years now. So many many games are now supported. It is usually the DRM kernel anti-cheats that are Windoxez only tend to be the broken ones. I dont buy or care about games that run anti-cheat in Windoze kernel.
in reply to kameecoding

I recently moved from proton to a W11 KVM with my 4080 passed through.

Unfortunately those hostile GAAS probably would be able to detect and block you (I don't play those games)

in reply to merthyr1831

But having 2 drives does not solve the boot loading issue, I mean, even if you have two drives, you still have only one bootloader, not?
in reply to Petter1

You can have a own EFI partition per Drive (and on it whatever bootloader you want). You then need to use the UEFI boot menu if you want e.g. boot the Windows one.
If you have 2 different OS on different drives they should never interfere with each other.

Well, i mean you could of course use the Linux Bootmanager to then forward to the Windows boot manager on the other disk. but i never experimented with that.

This entry was edited (5 months ago)
in reply to Metz

I just learned that you can do this setup even on one drive alone (having two bootloader on one drive in two partition and choosing in UEFI/Legacy BIOS)
in reply to Petter1

even if you have two drives, you still have only one bootloader, not?


The idea is to have completely separate boot and OS drives. You select which one you want to boot through the BIOS boot selection (ie. pressing F10 or F11 at the BIOS screen).

This functionally makes each OS "unaware" of the other one.

in reply to CeeBee_Eh

Unfortunately it really doesn’t. And it’s actually Linux that’s the bigger problem: whenever it decides to updates GRUB it looks for OSes on all of your drives to make grub entries for them. It also doesn’t necessarily modify the version of grub on the booted drive.

Yes I’m sure there’s a way to manually configure everything perfectly but my goal is a setup where I don’t have to constantly manually fix things.

in reply to WolfLink

If you install each OS with it's own drive as the boot device, then you won't see this issue.

Unless you boot Windows via the grub boot menu. If you do that then Windows will see that drive as the boot device.

If you select the OS by using the BIOS boot selection then you won't see this issue.

I was bitten by Windows doing exactly this almost 15 years ago. Since that day if I ever had a need for dual-boot (even if running different distros) each OS will get it's own dedicated drive, and I select what I want to boot through the BBS (BIOS Boot Selection). It's usually invoked with F10 or F11 (but could be a different key combo.

in reply to WolfLink

My install does not seem to do this. I removed the windows drive when installing Linux on a new drive. Put both drives in and select which one to boot in the bios. Its been that way for about a year and, so far, grub updates have never noticed the windows install nor added to grub.

That's with bazzite, can't speak for any other distro as that is the only dual-boot machine I own. Bazzite does mention they do not recommend traditional dual boot with the boot loader and recommend the bios method so maybe they have something changed to avoid that?

in reply to CeeBee_Eh

Oh you sweet sweet summer boy....

We're talking Microsoft here, they'll make sure they're aware and they'll make sure to f you over because Microsoft

in reply to Phoenixz

While I generally agree with that, that's not what seems to be happening here. What seems to be happening is that anyone who boots Windows via grub is getting grub itself overwritten.

When you install Linux, boot loaders like grub generally are smart and try to be helpful by scanning all available OSes and provide a boot menu entry for those. This is generally to help new users who install a dual-boot system and help them not think that "Linux erased Windows" when they see the new grub boot loader.

When you boot Windows from grub, Windows treats the drive with grub (where it booted from) as the boot drive. But if you tell your BIOS to boot the Windows drive, then grub won't be invoked and Windows will boot seeing it's own drive as the boot drive.

This is mostly an assumption as this hasn't happened to me and details are still a bit scarce.

in reply to CeeBee_Eh

I did that and a Windows update nuked Linux from the BIOS boot loader a few weeks ago.

The only safe option is to have completely separate machines. Thankfully with the rise of ridiculously powerful minipcs that's easier than ever.

in reply to merthyr1831

I literally got this error using a bootable SSD with Ubuntu Mate on it. Separate drives aren't immune to the issue.
in reply to Cyberpunk Librarian

I think I've managed to avoid this by making the Linux drive my boot drive and by leaving the Windows drive untouched. (i.e. grub bootloader on the Linux drive, with option to boot to Windows as the second choice)
in reply to Cyberpunk Librarian

This isn't true if you have a bootloader on each drive, which, I think, is what the we're talking about.
in reply to obbeel

Microsoft! You missed your last chance to stay on my computers with your os. Take care, so long and thanks for all the cons.
in reply to QuestionMark

I’d almost bet money that in a year or two they’ll make it so that the latest version of windows cannot be installed in virtual machines
in reply to PerogiBoi

That would break 90+% of installations then. And all of Azure.
This entry was edited (4 months ago)
in reply to CeeBee_Eh

That's when they "graciously" offer to whitelist "approved" devices to boot windows VM from.
in reply to curry

Then anyone running a Windows VM would just switch to a Server edition, which is almost exclusively run via a VM.
in reply to obbeel

This reminds me I still have a win 10 partition on my drive. Ye! Extra space to reclaim!
in reply to obbeel

The only way to fix your computer is to uninstall all spyware like Windows
Unknown parent

lemmy - Link to source
non_burglar

EFI can also live in firmware memory.

You can pull the linux drive, boot from the windows drive, and if one of the firmware updates was for efi, windows will trash the entry for your Linux disk.

This has happened for me many times, I had to use a grub rescue disk to rebuild the efi table.

in reply to obbeel

Semi-O/T: I feel Microsoft is such a violation of personal security that I would not dual boot anything with Windows. I forget exactly what happened (the details), but I remember when I had upgraded my desktop from Win7 Pro to W10 Pro from the free upgrade feature, it broke the MBR/GRUB.. from that day on, I've kept my OS completed separated by device.

If it's just sandboxing / VMs, that's whatever, not sweating that at all.

in reply to obbeel

Remove your Microsoft installation, done.

Yes but...


But what? This is Microsoft, they fucked it up so many times that it's either incompetence or sabotage, and knowing Microsoft, it's probably both.

This is the same company that invented millions to sabotage Linux through the legal system (hello sco), and the same company that in purpose left gaping security holes open as to not lose any money, causing China to hack the US government through said holes.

Then we decide that just that money isn't enough so we'll spy on you at every step of the way, we will force feed you ads, and we'll use you to train our shitty AI

Frack Microsoft, frack any and all of their software.

This entry was edited (4 months ago)
in reply to obbeel

If you need to dual boot, be sure to use separate EFI partitions for windows and Linux, separate drives if possible. Windows has done this far too many times.
in reply to priapus

and unplug your linux drive when booting windows, just in case
in reply to obbeel

I had the intention of reinstalling my windows because it was like from back when win10 was new and the winsxs folder was so big that a 100GB partition was not enough for just windows with all the 3rd party programs installed on another partition... but I noticed that all my games run on Linux so I ended up wiping the 100GB nvme windows partition and moving my dual boot Linux there. I've been without windows for a couple of months now and I haven't really missed it.
in reply to fossilesque

I recently discovered that Rufus has an option to set up a Windows ISO as "Windows on the go" so I dug out an old 500Gb SSD that had a USB adapter with it and installed Windows on that. So now instead of dual booting I can just hit F12 and boot from USB on the rare occasions when I need to run something in Windows.

It's also quite satisfying to be able to physically remove Windows and shove it into a drawer when it goes full Windows too lol.

This entry was edited (4 months ago)
in reply to obbeel

Is there any issue with having windows on one drive and Linux on the other and toggling in the bios at boot? Do I introduce any problems by keeping my rarely used windows installation on a separate disk like this?
in reply to njordomir

I'm not sure, but clearly something happens on the background, as my Debian drive broke after I changed it back and forth for the Windows drive. Grub fell back to rescue mode. After following some instructions and trying to boot from grub command line, Debian wouldn't boot after it recognized the mouse. That's what I know. Even in different drives, something happens on the PC when you go back and forth with Windows and Linux.
in reply to obbeel

I should have been more clear,

Assuming dev/sda is Linux and dev/sdb is Windows, I have grub on sda and Windows bootloader on sdb. I use a hotkey at boot to tell the bios which drive to boot from.

Theoretically windows thinks it's the only OS unless it's scoping out that second hard disk.

in reply to njordomir

It updates Secure Boot in the BIOS, so you could completely remove Windows but the Secure Boot update would still be in the BIOS and affect the boot loader.
in reply to obbeel

Here's how to delete the SBAT policy that the Windows Update applies.
in reply to obbeel

So, excusing my ignorance as a fairly recent Linux convert, what does this mean for my dual boot system?

I haven’t booted windows for weeks and am pretty sure there have been no updates since it was freshly reinstalled (maybe 6 months ago) as a dual boot with Debian.

Is this only a problem if I allow Windows to update?

Are Microsoft likely to fix the issue in a subsequent release?

in reply to timmytbt

Yes, you don't have to worry as long as you don't boot up windows and let it install the update.

This is not the first time they break dual boots by touching the partitions, but this is the first time they deliberately break it (that I know of).
I always had windows on its own drive because of that. If you don't use windows a lot then I would suggest to do the same. You have to change to windows through bios but it isn't that much more work.

in reply to Kuma

And just in case when installing windows on its own drive, only have the windows drive mounted so it doesn't write to the linux drive.
in reply to Kuma

Thanks for the reply, and good to know!

I think I’ll blow away the windows install on this machine completely.

I still have another pc for some audio tools that don’t run under Linux, but this machine is my daily driver now and I couldn’t be happier.

in reply to timmytbt

FWIW, I'm dual-booting windows and mint atm. Separate drives, but just one EFI partition, and this update hasn't borked things for me.
Unknown parent

lemmy - Link to source
non_burglar
I'm not exactly sure what you're suggesting. Isn't that more or less what I just said?