“`html
On January 13, 2026, Microsoft released a security update for Windows 11, which has caused a disconcerting issue: affected computers are unable to shut down or hibernate, opting instead to restart.
The problem is derived from KB5073455, which targets OS Build 22621.6491 for Windows 11 version 23H2. It was initially reported on January 15 and arises due to disruption with Secure Launch, a virtualization-based security (VBS) feature aimed at safeguarding boot processes against firmware threats like rootkits.
Secure Launch, incorporated into Windows’ System Guard suite, verifies the firmware environment at startup using hypervisor-protected code integrity.
By isolating core root of trust measurements, it prevents persistent malware from manipulating the pre-OS environment. Ironically, this month’s update, meant to enhance protections, interferes with this feature, preventing appropriate power-off states on compatible devices.
Impacted Systems and Range
This glitch exclusively targets the Enterprise and IoT editions of Windows 11 23H2, excluding the consumer Home and Pro versions. No server platforms like Windows Server are experiencing similar issues.
Microsoft acknowledged the dilemma through its support portal, last refreshed on January 15 at 19:01 PT. Systems must have Secure Launch enabled, a routine configuration in high-security enterprise environments that depend on VBS to adhere to compliance protocols like NIST or zero-trust frameworks.
Administrators in regulated industries, such as finance and government, report this problem across their fleets, raising apprehensions about the reliability of power management.
While the bug itself is not a vulnerability, it unveils risks: devices caught in restart loops deplete batteries quicker, potentially resulting in data loss or ongoing uptime that increases exposure to unpatched threats.
Microsoft provides a temporary workaround for shutdowns through Command Prompt: open cmd from the Search bar and execute shutdown /s /t 0. This command initiates an immediate power-off, circumventing the GUI failure. There is no workaround for hibernation; users must save their work and choose full shutdowns to avoid unexpected power losses.
The company pledges a solution in a forthcoming update and advises IT teams to keep a lookout on Windows Update channels. In the meantime, disabling Secure Launch through Group Policy (Computer Configuration > Administrative Templates > System > Device Guard) restores functionality but compromises boot integrity—a consideration for threat hunters deliberating on the risks of firmware attack vectors.
This occurrence highlights the complex nature of the monthly Patch Tuesday rollouts. As enterprises patch for zero-day vulnerabilities, such regressions accentuate the necessity for staged testing, particularly on security-hardended configurations.
“`