DELL7750:~/Downloads> sudo fwupdmgr update
Devices with no available firmware updates:
• SSD 970 EVO Plus 2TB
• SSD 970 EVO Plus 2TB
• Thunderbolt host controller
• UEFI Device Firmware
• UEFI Device Firmware
Devices with the latest available firmware version:
• BC711 NVMe SK hynix 256GB
• System Firmware
╔══════════════════════════════════════════════════════════════════════════════╗
║ Upgrade UEFI dbx from 77 to 217? ║
╠══════════════════════════════════════════════════════════════════════════════╣
║ This updates the dbx to the latest release from Microsoft which adds ║
║ insecure versions of grub and shim to the list of forbidden signatures due ║
║ to multiple discovered security updates. ║
║ ║
║ Before installing the update, fwupd will check for any affected executables ║
║ in the ESP and will refuse to update if it finds any boot binaries signed ║
║ with any of the forbidden signatures.If the installation fails, you will ║
║ need to update shim and grub packages before the update can be deployed. ║
║ ║
║ Once you have installed this dbx update, any DVD or USB installer images ║
║ signed with the old signatures may not work correctly.You may have to ║
║ temporarily turn off secure boot when using recovery or installation media, ║
║ if new images have not been made available by your distribution. ║
║ ║
║ UEFI dbx and all connected devices may not be usable while updating. ║
╚══════════════════════════════════════════════════════════════════════════════╝
Perform operation? [Y|n]:
Downloading… [***************************************]
Decompressing… [***************************************]
Decompressing… [***************************************]
Authenticating… [***************************************]
Authenticating… [***************************************]
Restarting device… [***************************************]
Writing… [***************************************]
Decompressing… [***************************************]
Blocked executable in the ESP, ensure grub and shim are up to date: /boot/efi/EFI/Boot/shimx64.efi Authenticode checksum [007f4c95125713b112093e21663e2d23e3c1ae9ce4b5de0d58a297332336a2d8] is present in dbx
VERSION="22.04.1 LTS (Jammy Jellyfish)"
Dell 7750
DELL7750: ~/Downloads> sudo fwupdmgr update ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ══╗ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ══╣ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ═══════ ══╝
Devices with no available firmware updates:
• SSD 970 EVO Plus 2TB
• SSD 970 EVO Plus 2TB
• Thunderbolt host controller
• UEFI Device Firmware
• UEFI Device Firmware
Devices with the latest available firmware version:
• BC711 NVMe SK hynix 256GB
• System Firmware
╔══════
║ Upgrade UEFI dbx from 77 to 217? ║
╠══════
║ This updates the dbx to the latest release from Microsoft which adds ║
║ insecure versions of grub and shim to the list of forbidden signatures due ║
║ to multiple discovered security updates. ║
║ ║
║ Before installing the update, fwupd will check for any affected executables ║
║ in the ESP and will refuse to update if it finds any boot binaries signed ║
║ with any of the forbidden signatures.If the installation fails, you will ║
║ need to update shim and grub packages before the update can be deployed. ║
║ ║
║ Once you have installed this dbx update, any DVD or USB installer images ║
║ signed with the old signatures may not work correctly.You may have to ║
║ temporarily turn off secure boot when using recovery or installation media, ║
║ if new images have not been made available by your distribution. ║
║ ║
║ UEFI dbx and all connected devices may not be usable while updating. ║
╚══════
Perform operation? [Y|n]: ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] ******* ******* ******* ******* *****] EFI/Boot/ shimx64. efi Authenticode checksum [007f4c95125713 b112093e21663e2 d23e3c1ae9ce4b5 de0d58a29733233 6a2d8] is present in dbx
Downloading… [******
Decompressing… [******
Decompressing… [******
Authenticating… [******
Authenticating… [******
Restarting device… [******
Writing… [******
Decompressing… [******
Blocked executable in the ESP, ensure grub and shim are up to date: /boot/efi/
DELL7750: ~/Downloads> sudo fwupdtool esp-list --verbose p/UDisks2/ block_devices/ nvme1n1p3, type: 0fc63daf- 8483-4772- 8e79-3d69d8477d e4, internal: 1, fs: ext4 p/UDisks2/ block_devices/ nvme1n1p2, type: e3c9e316- 0b5c-4db8- 817d-f92df00215 ae, internal: 1, fs: vfat p/UDisks2/ block_devices/ nvme1n1p1, type: c12a7328- f81f-11d2- ba4b-00a0c93ec9 3b, internal: 1, fs: vfat p/UDisks2/ block_devices/ nvme1n1p1 EFI/Boot/ BOOTX64. EFI EFI/Boot/ en-us/bootx64. efi.mui EFI/Boot/ shimx64. efi EFI/Boot/ fbx64.efi EFI/Boot/ mmx64.efi EFI/Microsoft/ Boot/BCD EFI/Microsoft/ Boot/Fonts/ chs_boot. ttf EFI/Microsoft/ Boot/Fonts/ cht_boot. ttf EFI/Microsoft/ Boot/Fonts/ jpn_boot. ttf EFI/Microsoft/ Boot/Fonts/ kor_boot. ttf EFI/Microsoft/ Boot/Fonts/ malgun_ boot.ttf EFI/Microsoft/ Boot/Fonts/ meiryo_ boot.ttf EFI/Microsoft/ Boot/Fonts/ msjh_boot. ttf EFI/Microsoft/ Boot/Fonts/ msyh_boot. ttf EFI/Microsoft/ Boot/Fonts/ segmono_ boot.ttf EFI/Microsoft/ Boot/Fonts/ segoe_slboot. ttf EFI/Microsoft/ Boot/Fonts/ wgl4_boot. ttf EFI/Microsoft/ Boot/Resources/ bootres. dll EFI/Microsoft/ Boot/BCD. LOG EFI/dell/ bios/recovery/ BIOS_PRE. rcv EFI/dell/ bios/recovery/ BIOS_CUR. RCV EFI/dell/ logs/diags_ previous. xml EFI/dell/ logs/diags_ current. xml EFI/ubuntu/ fw/fwupd- cd2d1a90- 4e20-42fd- 8e4a-4674177ac4 16.cap EFI/ubuntu/ grubx64. efi EFI/ubuntu/ grub.cfg EFI/ubuntu/ shimx64. efi EFI/ubuntu/ mmx64.efi EFI/ubuntu/ BOOTX64. CSV EFI/ubuntu/ fwupdx64. efi en-us/bootmgr. efi.mui
18:24:08:0819 FuDebug Verbose debugging enabled (on console 1)
18:24:08:0873 FuCommon device /org/freedeskto
18:24:08:0877 FuCommon device /org/freedeskto
18:24:08:0881 FuCommon device /org/freedeskto
Selected volume: /org/freedeskto
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
/boot/efi/
The content of this thread seems similar to my current predicament.
Is it?