Oddbean new post about | logout
 Garrett: What is an SBAT and why does everyone suddenly care

Matthew Garrett <a href="https://mjg59.dreamwidth.org/70348.html" rel="nofollow">describes
the role of the Secure Boot Advanced Targeting mechanism</a> and how it
played into the recent Windows upgrade problems.


	So why is this suddenly relevant? SBAT was developed
	collaboratively between the Linux community and Microsoft, and
	Microsoft chose to push a Windows update that told systems not to
	trust versions of grub with a security generation below a certain
	level. This was because those versions of grub had genuine security
	vulnerabilities that would allow an attacker to compromise the
	Windows secure boot chain, and we've seen real world examples of
	malware wanting to do that.


https://lwn.net/Articles/986844/