Official FAQ

• I have checked the official FAQ.

Ventoy Version

1.0.99

What about latest release

Yes. I have tried the latest release, but the bug still exist.

Try alternative boot mode

Yes. I have tried them, but the bug still exist.

BIOS Mode

UEFI Mode

Partition Style

GPT

Disk Capacity

200GB

Disk Manufacturer

Framework

Image file checksum (if applicable)

None

Image file download link (if applicable)

No response

What happened?

As far as I understand this topic, the latest Windows Update from August 13, 2024 did some changes to some UEFI tables so that there were signatures of vulnerable Shims blacklisted. Therefore, booting Ventoy now fails with the message

Verifying shim SBAT data failed: Security Policy Violation
Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation

This topic was already discussed for a supposedly earlier Shim version in #2692 which is still open for some reason.
The recent issue was posted on forums here and here

As a temporary workaround, secure boot must be disabled until there is an updated version of ventoy with the latest Shim version available.

Edit:
As pointed out by KevinLenoir, the target OS for SecureBoot can be changed from "Windows" to "Other OS" on Machines which support this feature. This way, Secure Boot might not have to be disabled completely.

More Information on how Shim works can be found on Arch Wiki. More info on the topic of SBAT revocation lists can be found in the rhboot/shim repository here and here