Microsoft’s bulletin for CVE-20220-2601 explained that the update would install an SBAT —a Linux mechanism for revoking various components in the boot path—but only on devices configured to ...