Microsoft has released update KB5077797 to fix a shutdown issue affecting Windows 11 devices running version 23H2 with Secure Launch enabled. This update, issued on 2023-01-10, resolves a bug caused by a previous security update, KB5073455, that led to computers rebooting instead of shutting down.
Shutdown Bug and Secure Launch
The bug interrupted the normal power-off process, causing instant restarts instead of powering off. Users reported this issue primarily on devices with Secure Launch, a security feature using a dynamic root of trust with TPM, enabled. Secure Launch is a component of Windows Defender System Guard and helps protect the early boot environment.
This problem did not risk data loss or storage corruption but affected battery life, disrupted IT management, and complicated remote operations. Devices predominantly impacted were those with pre-configured Secure Launch settings.
Deployment and Guidance
KB5077797 is available through Windows Update and the Microsoft Update Catalog. It can also be deployed via WSUS, Configuration Manager, or Intune, with a required system restart post-installation. Microsoft advises installing this update rather than disabling Secure Launch due to the reduced security risks and potential compliance issues if the feature is turned off.
For troubleshooting, observe immediate restarts upon selecting Shut Down or Hibernate. Users seeing Kernel-Power entries in the Event Viewer should confirm Secure Launch is enabled and that their device is running Windows 11 23H2. Applying the out-of-band fix will restore expected shutdown behavior and address related Remote Desktop sign-in issues.
