Microsoft’s recent security update, KB5077181, rolled out on February 10, 2026, for Windows 11 versions 24H2 and 25H2, has sparked significant concern among users due to critical boot failures occurring shortly after its deployment. Reports indicate that devices are entering infinite restart loops, often exceeding 15 cycles, effectively locking users out of their desktops.
This cumulative update is designed to deliver vital security fixes and quality improvements, building upon previous updates such as KB5074109. It addresses a total of 58 vulnerabilities across various Windows components, including six zero-day exploits currently being targeted by cybercriminals, as highlighted in CISA’s Known Exploited Vulnerabilities catalog. Key patches focus on:
- Elevation of privilege flaws
- Remote code execution risks
- Security bypasses in core systems
| CVE ID | Description |
|---|---|
| CVE-2026-21510 | Windows Shell security feature bypass allowing SmartScreen evasion via malicious links. |
| CVE-2026-21519 | Desktop Window Manager elevation of privilege to SYSTEM level. |
| CVE-2026-21533 | Windows Remote Desktop Services elevation of privilege; exploited zero-day. |
| CVE-2026-20841 | Notepad remote code execution via crafted Markdown files. |
In addition to security enhancements, the update introduces new Secure Boot certificates to mitigate the impact of 2011 certificate expirations scheduled for June 2026. This aims to bolster boot integrity while also addressing gaming eligibility checks and WPA3 Wi-Fi connectivity issues.
However, despite these improvements, Microsoft has not reported any known issues related to this update on its release page or health dashboard as of February 15.
Reported Boot Loops and Workarounds
Users experiencing issues post-installation are reporting System Event Notification Service (SENS) errors, such as “a specified procedure could not be found,” at login, along with DHCP failures that disrupt internet connectivity despite active connections. Installation errors like 0x800f0983 and 0x800f0991 have been noted, particularly affecting specific hardware configurations. Community forums, including Reddit and Microsoft Answers, have documented numerous cases, with some users managing to regain partial access for repairs.
To mitigate these issues, users are advised to uninstall KB5077181 immediately. This can be done by navigating to Control Panel > Programs and Features > View installed updates, selecting the KB, and uninstalling it before restarting the system. It is also recommended to pause Windows Update to prevent automatic reinstallation.
If boot loops persist, users can access the Windows Recovery Environment by interrupting the boot process three times or using recovery media. From there, they should select Troubleshoot > Advanced options > Command Prompt and execute the command: wusa /uninstall /kb:5077181 /quiet /norestart. Running sfc /scannow may also help repair any corrupted files if necessary. For enterprises, deploying the update via WSUS with appropriate testing, monitoring, and health checks is advisable.
While some users have benefited from positive changes, such as resolutions for Nvidia black screen issues and improved explorer.exe stability, the overall instability serves as a reminder of the risks associated with Patch Tuesday updates. Microsoft has yet to officially address these concerns, but user reports suggest exercising caution, particularly on non-essential systems.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
