Some users of Windows 11 have encountered an unexpected twist in their shutdown experience. Following the recent Patch Tuesday security update, designated KB5073455, a number of PCs have begun to reboot instead of shutting down when the Shut Down or Hibernate options are selected. Microsoft has recognized this issue, noting that it predominantly affects devices equipped with Secure Launch on Windows 11 version 23H2.
What Broke And Why It Matters For Windows 11 Users
Reports of this peculiar behavior emerged shortly after the cumulative security update was released. On the affected systems, the usual power-off sequence is disrupted, leading to an unexpected restart, mimicking the action of selecting Restart. Neowin was among the first to spotlight this anomaly, and Microsoft later confirmed the symptoms in their release notes.
While this glitch may seem minor, it poses several practical challenges. For laptop users, it can drain battery life unnecessarily, disrupt scheduled maintenance windows, and complicate remote management processes that rely on automated shutdowns during nightly operations. Fortunately, the issue does not suggest any risk of data loss or storage corruption; it is merely a control flow problem during the power transition.
Secure Launch Is The Common Thread Behind Reboots
Microsoft has indicated that the shutdown failures are linked to systems running Windows 11 23H2 with Secure Launch enabled. This feature, part of Windows Defender System Guard, employs a dynamic root of trust for measurement, enhancing security during the boot process. It collaborates with TPM and compatible firmware to prevent tampering before the operating system fully loads.
Many modern OEM configurations come with these security measures activated by default, particularly on devices that meet the security baseline for Windows 11. This explains why only a specific subset of machines is experiencing the shutdown issue; devices lacking Secure Launch, older hardware, or those running non-23H2 builds are not affected by this reboot loop.
Microsoft Issues Out-of-Band Fix To Restore Shutdown
In response to this regression, Microsoft has rolled out an out-of-band update, KB5077797, aimed at restoring the expected shutdown and hibernation functionalities for affected Windows 11 23H2 systems with Secure Launch enabled. This update also addresses a separate issue that had caused sign-in failures for some Remote Desktop sessions.
Out-of-band updates are designed to be released outside the typical monthly cycle, making them available in Windows Update and the Microsoft Update Catalog as soon as they are published. Enterprise administrators can deploy these updates through WSUS, Configuration Manager, or Intune following approval. As with any servicing change, a restart will be necessary to apply the fix.
How To Restore Normal Shutdown On Windows 11 23H2
To restore normal shutdown functionality, users should check Windows Update for the availability of KB5077797. If it does not appear immediately, a manual update scan can be initiated, or the package can be directly downloaded from the Microsoft Update Catalog. For managed fleets, it is essential to ensure that the out-of-band update is approved within the update rings and targeted to Windows 11 23H2 devices.
Microsoft advises against disabling Secure Launch as a workaround, as this would compromise security and potentially lead to compliance issues. Similarly, registry modifications or disabling hibernation are unnecessary now that the hotfix is available.
How To Tell If You’re Affected By The Shutdown Bug
Identifying whether you are affected by the shutdown bug is straightforward. If selecting Shut Down or Hibernate results in an immediate restart instead of powering off, you are likely impacted. Users can also check the Event Viewer for Kernel-Power entries related to unexpected power transitions. If your device is running Windows 11 23H2 and Secure Launch is enabled in System Information, you fall within the affected profile.
The Larger Reliability Picture For Windows Updates
Regressions can occasionally arise from security updates, and Microsoft typically employs Known Issue Rollback for non-security components. However, due to the nature of this problem stemming from a security servicing change, an out-of-band release was deemed the most expedient and secure solution. The Windows Release Health dashboard and KB notes have been updated to reflect the shutdown issue and its resolution.
For those who postponed January updates due to the shutdown bug, installing KB5077797 should pave the way for a smoother experience. For all users, the key takeaway remains clear: maintaining up-to-date Windows systems is crucial, especially for those relying on modern security features like Secure Launch, where timely fixes are often implemented once an issue is confirmed.
