Microsoft confirms KB5073455 update causes shutdown failures on Windows 11 23H2 Enterprise/IoT devices with Secure Launch enabled, offering a command-line workaround while investigating a permanent fix.
Windows administrators and enterprise users are encountering unexpected system restarts instead of shutdowns following Microsoft's January 2026 security updates. The company has confirmed that devices running Windows 11 23H2 Enterprise or IoT editions with KB5073455 installed experience shutdown failures when System Guard Secure Launch is enabled.
Security Feature at the Core
System Guard Secure Launch, part of Microsoft's virtualization-based security (VBS) suite, protects systems against firmware-level attacks during boot sequences. As cybersecurity expert Jake Williams explains: "Secure Launch establishes a hardware-rooted trust boundary before the operating system loads, making it extremely difficult for rootkits and bootkits to compromise the system. This firmware validation is critical for enterprises handling sensitive data."
The malfunction occurs specifically when users attempt to shut down or hibernate devices protected by this security feature. Instead of powering off, affected systems automatically restart. Microsoft's release health dashboard states: "After installing KB5073455, some PCs with Secure Launch are unable to shut down or enter hibernation. Instead, the device restarts."
Temporary Workaround Available
Until Microsoft delivers a permanent solution, administrators can bypass the issue using Command Prompt:
- Press Win + R, type
cmd, and press Ctrl+Shift+Enter to open an elevated Command Prompt - Enter the command:
shutdown /s /t 0 - Press Enter to force immediate shutdown
This command-line approach successfully powers down affected systems. However, no equivalent solution exists for hibernation failures. Microsoft advises: "Ensure you save all work and shut down completely to prevent battery drain when hibernation is unavailable."
Impact and Enterprise Considerations
The issue exclusively impacts:
- Windows 11 23H2 Enterprise edition
- Windows 11 23H2 IoT Enterprise edition
- Systems with KB5073455 installed
- Devices with Secure Launch enabled in UEFI firmware
Security architect Elena Rodriguez notes: "While inconvenient, this workaround maintains security posture. Disabling Secure Launch to restore shutdown functionality would expose devices to firmware attacks, which isn't an acceptable trade-off for enterprises."
Microsoft is simultaneously addressing two other January update issues:
- KB5074109 causing authentication failures during Remote Desktop connections to Cloud PCs
- False positive security alerts triggered by Windows components across client and server platforms
Administrators should monitor Microsoft's Windows release health dashboard for resolution timelines. Organizations using affected configurations should implement the shutdown command workthrough immediately while ensuring critical systems have sufficient power backup during the interim period.
Comments
Please log in or register to join the discussion