Windows 11 shutdown bug forces Microsoft into out-of-band damage control

Microsoft has rushed out an out-of-band Windows 11 update after January's Patch Tuesday broke something as fundamental as turning PCs off.

The emergency fix, KB5077797, landed on January 17 for Windows 11 version 23H2 and is aimed squarely at cleaning up the mess left behind by the regular monthly update earlier in the month. That update, intended to close a long list of security holes, instead left some systems stubbornly refusing to shut down, restart, or hibernate, with shutdown commands frequently shrugged off by the operating system.

The culprit turned out to be System Guard Secure Launch, one of Microsoft's boot-time hardening features, which didn't play nicely with the January update.

On affected systems - typically builds where Secure Launch is enabled by default - machines would go through the motions of shutting down, then either sit there humming away or spring back to life. That translated into laptops quietly draining overnight and desktops burning power long after everyone had gone home.

Microsoft says the out-of-band update puts shutdown and hibernation back the way they should be, without waiting for the next Patch Tuesday to roll around. Beyond that, Redmond isn't offering much in the way of explanation, other than confirming the bug was introduced by January's cumulative update and was enough of a problem to justify an unscheduled fix.

The OOB update also rolls out fixes for a separate but no less annoying authentication problem. Some users found themselves unable to sign in over Remote Desktop after installing the January patches, thanks to credential prompts that failed or looped endlessly. That bug affected both client and server environments and added to the sense that January's updates were doing more harm than good in some scenarios.

Microsoft also last week fessed up to yet another bug introduced by Patch Tuesday, in which classic Outlook POP account profiles can hang or freeze. A fix for this issue has not yet been released.

The mess arrived as Microsoft was shoveling out one of its bigger monthly update bundles, with January's Patch Tuesday clocking in at well over 100 fixes across Windows and its supporting components. At least one of those bugs was already being actively exploited, so sitting on the update wasn't much of an option. That left security teams patching in a hurry, and only discovering the various borkages once machines started acting up.

Microsoft is advising affected users to install KB5077797 to address the shutdown and Remote Desktop problems. For everyone else, it's another reminder that even routine monthly updates can carry side effects, and that problems introduced in the name of security may only surface once patches are widely deployed. ®