Microsoft has officially acknowledged a significant bug within its recent Windows 11 24H2 updates, which has led to a wave of Blue Screen of Death (BSOD) crashes. Users are encountering the stop error code “SECUREKERNELERROR” (0x18B), a situation that has escalated since the April 2025 Patch Tuesday update, affecting thousands of users worldwide.
The issue, initially reported by Windows Latest in March 2025, has now gained traction as more users experience the fallout from the three most recent Windows 11 24H2 updates. Following the installation of any of these updates and a subsequent reboot, affected systems may crash, displaying the “SECUREKERNELERROR” message. In some cases, this results in a persistent crash-restart loop or renders the system unbootable.
The error itself indicates a failure within the Secure Kernel, a vital component that underpins security and virtualization operations in Windows.
Initial Response and Escalation
When the first reports emerged in March, Microsoft did not immediately recognize the issue, as it seemed to be limited in scope. However, with user complaints surging after the April update, the company updated its support documentation to confirm the existence of the bug and initiated an investigation into its root cause.
In addition to the BSOD issue, the updates have also triggered other problems, including:
- Failures with Windows Hello: Users are unable to sign in using facial recognition or PIN.
- Compatibility issues with games and software: Notably, ARM-based devices are unable to launch Roblox, and certain Citrix software installations are failing.
In response to the growing crisis, Microsoft has implemented a Known Issue Rollback (KIR)—a server-side mechanism designed to remotely disable the problematic code introduced by the updates. This fix is being automatically pushed to all affected consumer and unmanaged business devices via Windows Update, although users may experience a delay of up to 24 hours for the KIR to reach their systems. To facilitate a quicker resolution, users are advised to:
- Keep their device connected to the internet.
- Restart their PC multiple times to expedite the fix.
Microsoft has stated, “This issue is mitigated using Known Issue Rollback (KIR). Please note that it might take up to 24 hours for the resolution to propagate automatically to consumer devices.”
For enterprise and IT-managed environments, administrators are required to manually deploy a specific Group Policy update to roll back the faulty code. The relevant Group Policy can be located under Computer Configuration > Administrative Templates in the Group Policy Editor, as outlined in Microsoft’s official documentation.
While the KIR provides immediate relief, it serves as a temporary workaround. Microsoft is actively working on a permanent solution, anticipated to be included in a future Windows update. In the interim, users are encouraged to frequently check for updates and reboot their systems to ensure the KIR is applied promptly.
The SECUREKERNELERROR crisis has disrupted both home and enterprise users, with some experiencing repeated crashes and others unable to boot their systems entirely. This incident has reignited concerns regarding the reliability of Windows updates as Microsoft navigates the delicate balance between rapid security patching and system stability.
Additionally, Microsoft has acknowledged related issues, such as failures with Windows Hello, and has committed to providing further fixes in the upcoming May 2025 update.
Summary Table: Affected Updates and Issues
| Update | Release Date | Main Issues | Mitigation |
|---|---|---|---|
| KB5053598 | Mar 11, 2025 | BSOD (SECUREKERNELERROR) | KIR auto/server-side |
| KB5053656 | Mar 27, 2025 | BSOD, Windows Hello failures | KIR/Group Policy |
| KB5055523 | Apr 8, 2025 | BSOD, Windows Hello, app issues | KIR/Group Policy |
What Users Should Do:
- Restart your PC several times and check for updates to receive the KIR fix faster.
- For managed devices, IT admins should deploy the KIR Group Policy and restart affected systems.
- Watch for further updates from Microsoft as a permanent fix is in development.
Microsoft’s swift action through the KIR has mitigated some of the disruption, yet this incident highlights the ongoing challenges of ensuring stability in a rapidly evolving operating system landscape.
Malware Trends Report Based on 15000 SOC Teams Incidents, Q1 2025 out!-> Get Your Free Copy
