Microsoft released an out‑of‑band (OOB) update in January 2026 to resolve two critical regressions introduced by the regular security patch: PCs with Secure Launch could not shut down or hibernate, and Remote Desktop connections failed to authenticate. Installing updates KB5077797 and KB5077744 restores normal shutdown behavior and Remote Desktop access instantly.
What Went Wrong
On January 13, 2026 the cumulative security update for Windows 11 version 23H2 added new protections and quality‑of‑life tweaks. Shortly after deployment, two major issues surfaced:
- Shutdown and hibernation failures – Devices using Secure Launch stalled on the “Shutting down” screen or refused to enter hibernation, often requiring a hard power‑off.
- Remote Desktop authentication errors – Users could not establish Remote Desktop Connection (RDC) sessions, receiving credential‑negotiation failures.
Telemetry confirmed spikes in “shutdown timeout” and “RDP login failure” events across both consumer and enterprise machines.
Emergency Response
Microsoft issued two critical OOB cumulative updates on January 19:
- KB5077797 – fixes the Secure Launch shutdown and hibernation issue.
- KB5077744 – resolves the Remote Desktop authentication problem.
These patches are distributed via Windows Update, WSUS, and Microsoft Endpoint Manager and are classified as “critical,” meaning they should be installed immediately.
Why It Matters
The regressions affected core system stability and remote‑access productivity. Secure Launch, a hardware‑based boot security feature, is increasingly enabled in enterprise environments to protect against firmware attacks. Simultaneously, Remote Desktop remains a primary tool for remote work and internal application delivery. Disruption to either function can halt workflows, cause data loss, or force costly workarounds.
Implications for Users and IT Admins
Home Users
Most consumer PCs do not enable Secure Launch by default, and many users rarely rely on Remote Desktop. Nonetheless, keeping Windows up to date and checking the “Optional Updates” section for emergency patches is essential.
Enterprise Environments
Organizations with Secure Launch enforced through Group Policy or Endpoint Manager may see a larger impact. A loss of Remote Desktop connectivity can interrupt ticket resolution, delay updates, and require temporary alternatives such as VPN + VNC or Windows 365 instances.
Recommended Actions
- Stage updates in a pilot group before full deployment, especially on Secure Launch‑enabled devices.
- Monitor Event Viewer for “Kernel‑Power” and “RemoteDesktop‑Auth” events that indicate the issue.
- Maintain a rollback plan using system restore points or Windows Image Backup in case future patches introduce conflicts.
Looking Ahead
The emergency fixes address the immediate shutdown and RDP problems, and Microsoft plans a broader quality‑of‑service update in the next regular Patch Tuesday to further harden the Secure Launch code path. Until then, the key step for all Windows 11 users is to install KB5077797 and KB5077744 without delay.
