boot process Archives

Winsage

February 19, 2026

Windows 10 ESU update KB5075912 bumps 22H2 to Build 19045.6937

Microsoft has announced an update, identified as KB5075912, regarding Secure Boot certificates to enhance device security for Windows users. Key points include the introduction of new certificates to prevent unauthorized software during startup, improved compatibility with various hardware configurations, and a commitment to provide regular updates to these certificates.

Winsage

February 17, 2026

Microsoft Windows 11 KB5077181 Update Triggers Infinite Restart Loop on Some Devices

Microsoft's Patch Tuesday update, KB5077181, released on February 10, 2026, has caused significant boot failures for users of Windows 11 versions 24H2 (OS build 26200.7840) and 25H2 (OS build 26100.7840), resulting in endless restart loops. Users are reporting over 15 reboot cycles, preventing access to their desktops. Issues include System Event Notification Service (SENS) errors and DHCP problems affecting internet connectivity. Installation errors with codes 0x800f0983 and 0x800f0991 indicate potential hardware, driver, or servicing stack incompatibilities. The update was intended to address 58 vulnerabilities, including six zero-days, but the boot loop issue has overshadowed these enhancements. CVE IDs and their CVSS scores related to the vulnerabilities addressed include: - CVE-2026-21510: 7.5 - CVE-2026-21519: 7.8 - CVE-2026-21533: 8.8 - CVE-2026-20841: 7.1 As of February 15, 2026, there is no "known issues" entry in Microsoft's release notes despite user reports. Users can uninstall the update through the Control Panel if their systems are accessible, or use the Windows Recovery Environment to execute commands for uninstallation if their systems are unbootable.

Winsage

February 16, 2026

Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft's security update KB5077181, released on February 10, 2026, for Windows 11 versions 24H2 and 25H2, has caused critical boot failures, leading to infinite restart loops for users. The update addresses 58 vulnerabilities, including six zero-day exploits, and introduces new Secure Boot certificates. Users have reported errors such as “a specified procedure could not be found” and DHCP failures, with installation errors like 0x800f0983 and 0x800f0991 affecting specific hardware. To resolve issues, users are advised to uninstall the update and pause Windows Update. Accessing the Windows Recovery Environment may also be necessary for persistent boot loops. While some users experienced improvements, the overall instability highlights risks associated with updates. Microsoft has not acknowledged any known issues related to this update as of February 15.

Winsage

February 15, 2026

Microsoft Refreshes Secure Boot Certificates via Windows Update

Microsoft will begin rolling out new Secure Boot certificates through Windows Update starting in March 2026, coinciding with the expiration of original certificates from 2011, which will phase out in June 2026. The new certificates include Microsoft Corporation KEK 2K CA 2023, Microsoft UEFI CA 2023, Microsoft Option ROM UEFI CA 2023, and Windows UEFI CA 2023. Not all Windows users will receive the update simultaneously; eligibility will focus on high-confidence devices with strong update histories. Newer PCs sold from 2024 will already have the 2023 Secure Boot certificates, while some devices may require additional firmware updates from their OEMs. PCs that do not receive the new certificates will still boot but will operate with diminished security, increasing vulnerability to exploits and compatibility issues with anti-cheat software and future Windows versions. Users on unsupported Windows versions will not receive the new certificates, leading to heightened security risks after June 2026.

Winsage

February 13, 2026

Microsoft Introduces New Secure Boot Certificates Before June Deadline

The foundational security certificates supporting Windows Secure Boot, introduced in 2011, will expire in mid-2026, specifically in June and October. Microsoft and PC manufacturers are updating the Windows ecosystem to address this. Devices that do not receive updated certificates may face security limitations and compatibility issues with newer operating systems and hardware. The transition is described as a "generational refresh" of the trust infrastructure for Windows. Systems failing to update will still function but may enter a "degraded security state," unable to install new security mitigations or newer operating systems. Most users will receive updates automatically through Windows Update, while older systems may require manual intervention. Systems at risk include those running unsupported Windows versions, with Secure Boot disabled, or not enrolled in Extended Security Updates. Users should check their Secure Boot status using PowerShell commands to ensure they are using the new certificates. The update affects not only Windows PCs but also other devices utilizing UEFI Secure Boot.

Winsage

February 11, 2026

Refreshing the root of trust: industry collaboration on Secure Boot certificate updates

Secure Boot is a security feature in Windows and Windows Server that protects devices from untrusted software at startup. It has been in operation since 2011 and relies on certificates embedded in a PC’s firmware. The original Secure Boot certificates will begin to expire in late June 2026. New certificates are being rolled out through regular Windows updates for supported devices, with OEMs preparing new devices with updated certificates since 2024. If devices do not receive the new certificates before the expiration of the old ones, they will continue to function but will enter a degraded security state, limiting future protections. Users generally do not need to take action, as updates will be installed automatically, but some specialized systems may require separate firmware updates. Organizations can monitor the update status through the Windows Security App and should ensure devices are running the latest updates and firmware. Support is available for individuals and organizations facing issues during the update process.

Winsage

February 10, 2026

Microsoft is keeping Secure Boot alive with Windows updates

Microsoft is enhancing the security of Windows devices by replacing boot-level security certificates that are nearing expiration, with this initiative integrated into regular Windows platform updates. The original Secure Boot certificates from 2011 will expire between June and October 2026, prompting Microsoft to issue new certificates in 2023, which are included in many new Windows devices sold since 2024. Older hardware will require updates to remain compliant. Devices with expired certificates will continue to operate but will enter a "degraded security state," potentially hindering future updates and causing compatibility issues. The new Secure Boot certificates rollout began with the Windows 11 KB5074109 update. Most Windows 11 users will have the new certificates installed automatically, while specialized systems may have different update protocols. Windows 10 users must enroll in Microsoft’s Extended Security Updates to receive the new certificates.

Winsage

January 19, 2026

Windows 11 PCs Fail To Shut Down After Update

Some users of Windows 11 have experienced a problem where their PCs reboot instead of shutting down after the Patch Tuesday security update KB5073455. This issue primarily affects devices with Secure Launch on Windows 11 version 23H2. Microsoft has confirmed this behavior, which disrupts the usual power-off sequence and can drain battery life for laptops and complicate remote management processes. An out-of-band update, KB5077797, has been released to restore normal shutdown and hibernation functionalities for affected systems. Users can check for this update in Windows Update or download it from the Microsoft Update Catalog. To determine if they are affected, users should look for immediate restarts when selecting Shut Down or Hibernate and check if Secure Launch is enabled in System Information.

Winsage

January 17, 2026

Windows 11 shutdown bug: Microsoft confirms KB5073455 issue

Microsoft has acknowledged a shutdown issue affecting Windows 11 Enterprise and IoT editions after the January 13, 2026 security update (KB5073455) for version 23H2, which prevents affected systems from shutting down properly, causing them to either hibernate or restart instead. The problem is linked to the System Guard Secure Launch feature and does not affect Windows 11 Home and Pro editions. A temporary workaround involves using the command "shutdown /s /t 0" in an elevated Command Prompt to force a shutdown, but there is no workaround for hibernation functionality. Microsoft is working on a resolution and suggests that enterprise IT administrators consider pausing the deployment of the update on unaffected devices.

Winsage

January 16, 2026

Sorry Dave, I’m afraid I can’t do that! PCs refuse to shutdown after Microsoft patch

Microsoft's January Patch Tuesday update has caused shutdown and hibernation issues for some Windows 11 23H2 users, with devices refusing to power down despite user commands. The problem is linked to the Secure Launch feature, which prevents shutdown, restart, and hibernation attempts from functioning correctly. Microsoft has suggested a workaround using the command "shutdown /s /t 0" to force shutdown. They have not disclosed how many devices are affected or provided a timeline for a fix. Additionally, there is a separate issue affecting classic Outlook POP account profiles that may freeze or hang after the update.