UEFI dbx fails to update due to fedora shim.efi

I am running Fedora Silverblue 37. There is an UEFI update available from fwupd, but it fails to install due to a complaint about the Fedora shim.

║ Upgrade UEFI dbx from 83 to 217?                                             ║
║ This updates the dbx to the latest release from Microsoft which adds         ║
║ insecure versions of grub and shim to the list of forbidden signatures due   ║
║ to multiple discovered security updates.                                     ║
║                                                                              ║
║ Before installing the update, fwupd will check for any affected executables  ║
║ in the ESP and will refuse to update if it finds any boot binaries signed    ║
║ with any of the forbidden signatures. If the installation fails, you will    ║
║ need to update shim and grub packages before the update can be deployed.     ║
║                                                                              ║
║ Once you have installed this dbx update, any DVD or USB installer images     ║
║ signed with the old signatures may not work correctly. You may have to       ║
║ temporarily turn off secure boot when using recovery or installation media,  ║
║ if new images have not been made available by your distribution.             ║
║                                                                              ║

Perform operation? [Y|n]: y
Downloading…             [***************************************]
Downloading…             [***************************************]
Decompressing…           [***************************************]
Authenticating…          [***************************************]
Waiting…                 [***************************************]
Writing…                 [***************************************]
Decompressing…           [                                       ]Blocked executable in the ESP, ensure grub and shim are up to date: /boot/efi/EFI/fedora/shim.efi Authenticode checksum [0ce02100f67c7ef85f4eed368f02bf7092380a3c23ca91fd7f19430d94b00c19] is present in dbx

I am up to date on Silvberblue. Info from rpm-ostree:

                  Version: 37.20230122.0 (2023-01-22T00:46:38Z)
               BaseCommit: 91fe33a8681ed2ee3e7db9b8ab3c7ec0207c5d65df63aad013cd81d15e628765
             GPGSignature: Valid signature by ACB5EE4E831C74BB7C168D27F55AD3FB5323552A

Is there something I can do to resolve this? Is there a separate update for the fedora shim that I need to install?

Refer to: 2127995 – BOOTX64.EFI on f36 Silverblue needs update to be able to upgrade UEFI dbx