> Major question for me is, are the grubs that are getting rejected completely unpatched, or were they patched by distros without updating the "security generation"?
> I'd be also really curious to hear how MS was attempting to do dual-boot detection
I'm in the boat that they shouldn't doing dual boot detection at all, it sounds like everyone agreed to use SBAT to stop vulnerable bootchains from being exploitable and some Linux distributions got caught slacking.
Reading into https://www.gnu.org/software/grub/manual/grub/html_node/Secu...
It's possible it's both?
> I'd be also really curious to hear how MS was attempting to do dual-boot detection
I'm in the boat that they shouldn't doing dual boot detection at all, it sounds like everyone agreed to use SBAT to stop vulnerable bootchains from being exploitable and some Linux distributions got caught slacking.