Microsoft confirms Windows 10 systems with Virtual Secure Mode are also affected by the shutdown bug impacting Windows 11 devices after January updates.
Microsoft has confirmed that a known issue preventing some Windows 11 devices from shutting down also affects Windows 10 systems with Virtual Secure Mode (VSM) enabled. VSM is a Windows security feature that creates an isolated, protected memory region separate from the normal operating system (known as the "secure kernel"), using hardware virtualization that is extremely difficult for malware to access, even after a system compromise. It protects sensitive credentials, encryption keys, and security tokens from kernel-level malware and pass-the-hash attacks, and it enables security features such as Credential Guard, Device Guard, and Hypervisor-Protected Code Integrity in Windows 10/11 Enterprise editions.
As confirmed last month, on January 15, this bug affects Windows 11 23H2 devices with the KB5073455 cumulative update installed and System Guard Secure Launch enabled, a Windows security feature that protects the boot process against firmware-level attacks. Microsoft released emergency, out-of-band updates two days later to fix the known issue and advised affected customers who couldn't immediately install them to manually shut down their systems using the "shutdown /s /t 0" command.
However, last week, Microsoft updated the Windows release health dashboard to confirm that the same issue also impacts Windows 10 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 Enterprise LTSC 2019 when VSM is enabled after installing the KB5078131 and KB5073724 updates. Affected users are advised to use the same command line to shut down their devices as a temporary workaround until a fix for VSM-enabled systems is available.
"After installing Windows updates released on or after January 13, 2026 (KB5073724), some Secure Launch-capable PCs with Virtual Secure Mode (VSM) enabled are unable to shut down or enter hibernation. Instead, the device restarts," Microsoft explained. "We plan to release a solution in a future Windows update. We will provide more information when it is available."
In January, Microsoft fixed another known issue that caused security applications to flag a core Windows component on client (Windows 10 and Windows 11) and server (Windows Server 2012 through Windows Server 2025) platforms as malicious. More recently, it addressed a known issue that caused the password sign-in option to disappear from the lock screen after installing Windows 11 updates released since August 2025.
This latest shutdown bug represents a significant challenge for enterprise environments that rely on VSM-enabled security features. Organizations using Windows 10 Enterprise with Credential Guard or other VSM-dependent security features should be particularly vigilant, as the bug affects multiple long-term servicing channel (LTSC) versions that are commonly deployed in business environments where extended support and stability are prioritized.
The workaround requiring manual shutdown via command line is functional but inconvenient, especially for systems that need regular maintenance or updates. IT administrators managing fleets of affected devices will need to plan for this manual intervention until Microsoft releases a permanent fix.
Microsoft's pattern of releasing emergency updates and workarounds suggests the company is dealing with multiple quality control challenges in its Windows update process. The fact that a single bug affects both Windows 10 and Windows 11 systems with specific security configurations indicates a deeper issue in how these updates interact with hardware virtualization features.
For users experiencing this issue, the "shutdown /s /t 0" command provides immediate relief, but it's important to note that this is a temporary measure. The command forces an immediate shutdown without waiting for running processes to close, which could potentially lead to data loss if applications are not properly saved.
Microsoft has not provided a timeline for when the fix will be available, only stating that it will be released in a future Windows update. This uncertainty means affected organizations should prepare for continued use of the workaround and consider the operational impact on their IT infrastructure.
The broader context of these ongoing Windows update issues raises questions about Microsoft's testing procedures and quality assurance processes, particularly for security features that are critical to enterprise deployments. As more organizations adopt VSM and related security technologies, the reliability of Windows updates becomes increasingly important for maintaining both security and operational continuity.
Comments
Please log in or register to join the discussion