See the 2nd bullet in the Avoiding issues with your Bootable Media section of KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932
- Backups of Windows which were imaged before the installation of updates released on or after May 9, 2023. These will not be directly usable to restore your Windows installation after the revocations have been enabled on your device.
Backups created on devices with pre May 9 boot manager and revocations will restore on devices with boot managers and revocatons release on and after May 9, 2023 but will trigger a no boot condition listed in the Troubleshooting boot issues section of the same article.
Best practice is to refresh and separate pre and post-May 9 backups
Use the recovery steps if you must restore a pre-May 9 backup.