  Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass
Posted by: aboamir@gmail.com - 08-13-2022, 07:11 AM - Forum: Ventoy Discussion Forum - No Replies

long panda you should read this 

------------------------------------------------------


Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) could allow attackers to execute unauthorized code in an early stage of the boot process, before the operating system loads.
Vendor-specific bootloaders used by Windows were found to be vulnerable while the status of almost a dozen others is currently unknown.
Threat actors could exploit the security issue to establish persistence on a target system that cannot be removed by reinstalling the operating system (OS).
Eclypsium security researchers Mickey Shkatov and Jesse Michael discovered vulnerabilities affecting UEFI bootloaders from third-party vendors that could be exploited to bypass the Secure Boot feature on Windows machines.
Secure Boot is part of the UEFI specification designed to ensure that only trusted code - signed with a specific, vendor-supplied certificate - is executed to start the OS booting process.
The firmware bootloader runs immediately after turning on the system to initialize the hardware and to boot the UEFI environment responsible for launching the Windows Boot Manager.

[Image: BootProcessOverview.png] Overview of the boot process on UEFI systems (source: Microsoft)
Eclypsium researchers found that three UEFI bootloaders that were approved by Microsoft had vulnerabilities that permitted bypassing the Secure Boot feature and executing unsigned code:
The three Microsoft-approved UEFI bootloaders that were found to bypass the Windows Secure Boot feature and execute unsigned code are:
  • New Horizon Datasys Inc: CVE-2022-34302 (bypass Secure Boot via custom installer)

  • CryptoPro Secure Disk: CVE-2022-34301 (bypass Secure Boot via UEFI Shell execution)

  • Eurosoft (UK) Ltd: CVE-2022-34303 (bypass Secure Boot via UEFI Shell execution) 
Microsoft has worked with the last two vendors in the list above and released security update KB5012170 to fix the problem in the provided bootloader.
As part of this fix, Microsoft has blocked all of their required certificates that were issued with the Security Update Release from July 2022.
"This security update addresses the vulnerability by adding the signatures of the known vulnerable UEFI modules to the DBX" - Microsoft
In an advisory this week about the vulnerabilities, the Carnegie Mellon CERT Coordination Center warns that code executed in the early boot stages could “also evade common OS-based and EDR security defenses.”
Carnegie Mellon CERT CC has provided a list with 23 UEFI bootloader vendors, a clear status being available for just three of them: Microsoft (impacted), Phoenix Technologies (not impacted), and Red Hat (not impacted).
The rest of the 20 vendors have also been informed about the issues but it is currently unknown if their products are affected or not.
The list includes names like Acer, AMD, American Megatrends, ASUSTeK, DELL, Google, Hewlett Packard Enterprise, HP, Lenovo, Toshiba, and VAIO Corporation.
A fix for these vulnerabilities should be delivered either by the Original Equipment Manufacturer (OEM) or the OS vendor by updating the UEFI Revocation List - the Secure Boot Forbidden Signature Database (DBX), a database of revoked signatures for previously approved firmware and software that starts systems with UEFI Secure Boot.


  does not boot from ventoy usb, no ventoy menu appears
Posted by: sen - 08-12-2022, 12:09 PM - Forum: Ventoy Discussion Forum - Replies (2)

I properly installed (from Windows 10) Ventoy on a USB stick a couple of days ago and copied a Linux Mint iso and a Puppy Linux iso to the proper partition (reformatted as FAT32), but my computer refuses to acknowledge Ventoy.

I first tried it by accessing the boot menu from BIOS (UEFI, secure boot disabled). Selecting the proper boot option does nothing and I return to the BIOS screen. When I select Windows, it boots up normally. I tried switching the correct boot option to the top of the boot priority, saved and exited, but it still booted to Windows as if the option didn't exist. I also tried to boot again directly from the boot menu this time (instead of accessing the boot menu from BIOS), it still didn't work. 

I have live-booted Linux Mint on this machine from this same USB stick previously (I used Etcher then) so I don't think it's a hardware problem either. Can anyone help me? This is my first time posting to a forum like this, so I hope I have provided all the information needed.


  Does Ventoy write to "Track 0" on the UFD?
Posted by: bbertrand007 - 08-12-2022, 12:47 AM - Forum: Ventoy Discussion Forum - No Replies

1) During install, if MBR is chosen, does Ventoy write to the "hidden track 0" some boot code?
2) Technically curious - how does Ventoy boot in BIOS mode?  Does the MBR pass control to a program in the VToyEFI partition and if so, is it the same program that Bootx64.efi passes control to in UEFI mode?


  Multiple partitions to use the drive for other things
Posted by: mortenmoulder - 08-11-2022, 11:11 PM - Forum: Ventoy Discussion Forum - Replies (3)

I'm not sure if this is a Ventoy specific question, but I'm hoping someone with experience can answer.

The thing is I have a robot lawnmower, a 3D printer, and some other hardware, which requires a FAT32 partition with files on it for firmware updates. Just yesterday I formatted my 128GB USB drive as FAT32 and updated my lawnmower.

Ventoy, by default, creates an exFAT partition. No issues there, as all my systems, computers, laptops, phones, etc. can read exFAT. However, if I want to use that USB drive to update stuff like my lawnmower, what would the proper way be then? Can Ventoy read all of the partitions? Should I just create a ~8GB FAT32 partition at the start of the blocks, then create an exFAT partition for the remaining?

Let me know what you think. I essentially want to use my USB drive as an "all in one" stick, that can do everything and anything.

Thanks!


  KB5012170: Security update for Secure Boot DBX
Posted by: Van Flusen - 08-11-2022, 04:02 PM - Forum: Ventoy Discussion Forum - Replies (14)

After Windows update KB5012170 (August 9, 2022), Ventoy can no longer be booted with Secure boot enabled.

Summary

This security update makes improvements to Secure Boot DBX for the supported Windows versions listed in the "Applies to" section. Key changes include the following:

Windows devices that have Unified Extensible Firmware Interface (UEFI) based firmware can run with Secure Boot enabled. The Secure Boot Forbidden Signature Database (DBX) prevents UEFI modules from loading. This update adds modules to the DBX.

A security feature bypass vulnerability exists in secure boot. An attacker who successfully exploited the vulnerability might bypass secure boot and load untrusted software.

This security update addresses the vulnerability by adding the signatures of the known vulnerable UEFI modules to the DBX.

KB5012170


  why r-partition not visible in filemanager or gparted
Posted by: harry88 - 08-11-2022, 02:07 PM - Forum: Ventoy Discussion Forum - Replies (2)

Hello forum

tried to install Ventoy with "reserve disk space".

- after installing Ventoy with the -r option under Linux, I can't find this new partition and gparted does not report/see this partition as well

- same thing under Windows (under Windows I dedicated 16GB as reserve disk space) and this is reflected in the
  Windows Filemanager (41,6GB free (of 64GB) )


Question:
Why can't I see the Reserve partition?


Thanks a lot for any feedback!


Harry


$ sudo ./Ventoy2Disk.sh -r 8124 -i /dev/sdd

**********************************************
      Ventoy: 1.0.77  x86_64
      longpanda admin@ventoy.net
      https://www.ventoy.net
**********************************************

Disk : /dev/sdd
Model: Kingston DataTraveler 3.0 (scsi)
Size : 57 GB
Style: MBR

You will reserve 8124 MB disk space

Attention:
You will install Ventoy to /dev/sdd.
All the data on the disk /dev/sdd will be lost!!!

Continue? (y/n) y

All the data on the disk /dev/sdd will be lost!!!
Double-check. Continue? (y/n) y

Create partitions on /dev/sdd by parted in MBR style ...
Done
Wait for partitions ...
partition exist OK
create efi fat fs /dev/sdd2 ...
mkfs.fat 4.1 (2017-01-24)
success
Wait for partitions ...
Wait for /dev/sdd1//dev/sdd2 ...
/dev/sdd1 exist OK
/dev/sdd2 exist OK
partition exist OK
Format partition 1 /dev/sdd1 ...
mkexfatfs 1.3.0
Creating... done.
Flushing... done.
File system created successfully.
mkexfatfs success
writing data to disk ...
sync data ...
esp partition processing ...

Install Ventoy to /dev/sdd successfully finished


  3 partitions - would this work
Posted by: bbertrand007 - 08-09-2022, 07:00 PM - Forum: Ventoy Discussion Forum - Replies (2)

If I used Ventoy to create the original UFD and reserved space then created a partition in this reserved space and put ISO's in it, in addition to the ISO's in the original Ventoy partition, would Ventoy find all of them/would this work?  In other words, will Ventoy search ALL partitions (exFAT, NTFS) for ISO's or only the first partition on the UFD?
--
Why: I want a fast way to keep my Ventoy CLONED UFD up to date.  Macrium supports RDC - Rapid Delta Clone - with it I can insert the original Ventoy UFD and the clone and tell it to copy over only the blocks on the UFD that have changed.  Problem is that this RDC only works with NTFS partitions.  If I reformatted the Ventoy partition from exFAT to NTFS, I guess that would work with RDC but I also have 2 FreeBSD ISO's and I don't think they would work booted from NTFS (or would they)?

So my idea is:

P1 - Ventoy (originally exFAT reformatted to NTFS + reserved space) - put all Windows ISO's here - use Macrium to keep it updated using RDC
P2 - Ventoy EFI - unchanged
P3 - User created partition from reserved space - exFAT - put ISO's that are incompatible with NTFS here

Thanks for such a great tool!!!


  Easy OS 4.3 & 4.3.3
Posted by: measter - 08-09-2022, 06:40 PM - Forum: Ventoy Discussion Forum - No Replies

Ventoy 1.0.79 + Easy OS 4.3 or 4.3.3 same error.  During boot, the creating snapshot step fails w/ error: cannot find easy.sfs

This is not the same error experienced w/ 4.0 which needed more room and was achieved by using a truncate command on the .img file to expand its innards to 2G, which enables 4.0 to boot w/ Ventoy.

Even tho' the error was different, I attempted the same maneuver on 4.3, but it did not change the error problem.  Of course, I can boot the .img if I write it 'directly' w/ something like Rufus or Etcher.


  Ventoy install to local hard disk / Install into local disk
Posted by: Tom - 08-09-2022, 05:20 AM - Forum: Ventoy Discussion Forum - Replies (1)

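My PC has only one very large hard disk (GPT, UEFI boot), with several operating systems already installed and many free partitions. Now I would like to install Ventoy onto this hard disk so that it can be selected at boot just like an ordinary operating system, which would save the money of buying a large-capacity USB stick. Wouldn't that be great? Can it be done?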

Is it possible installing Ventoy into local disk along with other OS's? If the answer is yes that would be great! Could any one tell me how to achieve that?


  Can't load some ISOs
Posted by: enesalpa - 08-06-2022, 08:21 PM - Forum: Ventoy Discussion Forum - Replies (8)

Hello

In Ventoy 1.0.79 I can't load:

- Darik's Boot and Nuke 2.3.0
- MiniTool Partition Wizard Enterprise 12.6
- MiniTool Partition Wizard Technician 12.6
- Ultimate Boot CD 5.3.9
- Hiren's BootCD 15.2

Anybody knows how to fix it?

Many thanks

Windows 10.0.19044.1288
Windows 11.0.22000.318
