SBAT verification error booting Linux after Windows update

So if I disable secure boot, install Ubuntu, and then reenable secure boot, it does boot the installed OS.

And if I run mokutil --list-sbat-revocations it lists:

sbat,1,2023012900
shim,2
grub,3
grub.debian,4

And now I can boot the Ubuntu install media with secure boot enabled! So the installed Ubuntu seems to have set/overridden the SBAT NVRAM entry.

1 Like