Microsoft has expanded guidance on a Windows shutdown bug triggered by January 2026 updates, confirming it affects more systems than first reported. According to BleepingComputer, the issue can cause some devices to restart instead of shutting down or entering hibernation when specific security configurations are enabled.
For most users, the symptom looks like “my PC won’t shut down.” For IT teams, the real issue is compatibility between security features that rely on virtualization and the update path.
What’s happening on affected machines
BleepingComputer reports that after installing certain updates, some Secure Launch-capable PCs with Virtual Secure Mode (VSM) enabled are unable to shut down or hibernate; instead, the system restarts.
This isn’t just annoying. It can:
- Break patching and maintenance windows
- Confuse power-management policies
- Increase wear (unexpected reboots)
- Leave systems in unexpected states for encryption and compliance workflows
Which Windows versions and updates are involved
Per BleepingComputer:
- Windows 11 23H2 systems with KB5073455 installed (and System Guard Secure Launch enabled) were identified as affected.
- Microsoft issued out-of-band (OOB) updates shortly after to address that specific case.
- Microsoft later updated its dashboard to confirm similar behavior on Windows 10 22H2 and certain Windows 10 Enterprise LTSC versions when VSM is enabled after installing updates including KB5073724 and KB5078131.
What is VSM and why it’s in the story
VSM (Virtual Secure Mode) uses hardware virtualization to create an isolated “secure kernel” region, protecting sensitive assets like:
- Credentials
- Encryption keys
- Security tokens
It underpins features such as Credential Guard and Hypervisor-Protected Code Integrity.
Because VSM changes how the OS interacts with low-level components (boot, memory isolation, hypervisor), bugs in the update path can show up specifically on machines with these protections enabled.
The workaround Microsoft recommends
BleepingComputer reports that Microsoft advised affected customers to manually shut down using:
shutdown /s /t 0
This forces a direct shutdown command path and can help until a fix is delivered via a future update.
For organizations, that workaround can be scripted or pushed via management tools, but it’s still a band-aid.
What IT teams should do now
- Check which fleets have Secure Launch or VSM enabled (these may be limited to certain models or enterprise images).
- Confirm update KBs installed and match against Microsoft’s release-health notes.
- Deploy OOB updates where applicable and validate shutdown/hibernate behavior.
- Communicate user guidance (including the command-line workaround) to reduce helpdesk noise.
Bottom line
The Windows shutdown bug is a reminder that stronger security features can introduce more complex interactions with updates. If your devices use Secure Launch or VSM, track Microsoft’s release-health advisories closely—and use the shutdown command workaround until the permanent fix ships.
English
العربية
Čeština
Dansk
Nederlands
Eesti
Suomi
Français
Deutsch
Ελληνικά
Magyar
Italiano
日本語
한국어
Latviešu valoda
Lietuvių kalba
Norsk bokmål
Polski
Português
Română
Русский
Slovenčina
Slovenščina
Español
Svenska
Türkçe