Microsoft withdrew a number of boot loader signatures via Windows Update for the August patch day and effectively paralyzed Linux: Thanks to Secure Boot, computers only start operating systems whose boot loaders have been signed by Microsoft. So rootkits and boot viruses should not have a chance. c’t explains how to get your Linux running again despite Microsoft’s boot monopoly.
It is reminiscent of the operating system war “Microsoft against Linux” at the turn of the millennium: With the Windows security update of August 9, Microsoft blacklisted over 100 Linux boot loaders. Since then, UEFI Secure Boot has prevented a number of Linux distributions from booting. At the time of going to press, we were no longer able to install the still current Ubuntu 20.04 LTS or Manjaro Linux – unless you switch off Secure Boot in the BIOS setup. Even live Linux systems such as Desinfec’t no longer boot on PCs on which the Windows update was previously installed automatically.
Undoing the update on Windows doesn’t solve the problem because it changes the contents of the flash memory on the motherboard, which also stores the UEFI BIOS code. Switching off Secure Boot on the fly can even increase the problem on some computers and lead to a complete data loss under Windows, so that you end up without a working operating system at all.