Microsoft Windows 11 Updates Trigger Boot Failures and Security-Driven Driver/Privilege Changes
Microsoft attributed Windows 11 no-boot failures seen after installing the January 2026 cumulative update KB5074109 (Windows 11 24H2/25H2) to devices that had previously failed to install the December 2025 security update and were left in an “improper state” after rollback. Affected systems can crash on startup with a BSOD UNMOUNTABLE_BOOT_VOLUME; Microsoft said the issue appears limited to physical devices (no confirmed VM impact) and is working on a partial mitigation to prevent additional systems from entering a no-boot scenario, while continuing to investigate why some devices fail updates or end up unstable after rollback.
Separately, Microsoft’s recent Windows 11 servicing and security work included deliberately disabling legacy dial-up modem drivers (e.g., AGRSM64.SYS/AGRSM.SYS, SMSERL64.SYS/SMSERIAL.SYS) due to reported vulnerabilities including CVE-2023-31096 (EoP) and CVE-2025-24052 (stack-based buffer overflow), which can present risk even if the modem hardware is unused—at the cost of breaking connectivity for niche systems relying on those drivers. Microsoft also patched nine bypasses reported by Google Project Zero that could undermine the new Windows Administrator Protection feature by enabling silent admin privilege gains via legacy Windows/UAC behaviors (including a token/Logon Sessions-related technique involving NtQueryInformationToken and DOS device object directory creation), ahead of broader availability beyond Insider builds.
Related Entities
Vulnerabilities
Organizations
Affected Products
Sources
Related Stories
Windows 11 KB5077181 Patch Tuesday Update Triggers and Fixes Boot Failures
Microsoft’s February 2026 Windows 11 cumulative security update **KB5077181** (for versions **24H2** and **25H2**) was associated with significant boot reliability issues reported shortly after deployment, including systems entering **infinite restart loops** and failing to reach the desktop. Reports described login-time errors (including **System Event Notification Service (SENS)** procedure errors) and network symptoms such as **DHCP failures**, while Microsoft’s public release notes and health dashboard were reported as not listing known issues at the time. The update also shipped broad security remediation, with reporting citing **58 vulnerabilities** addressed and **six actively exploited zero-days** referenced via CISA’s **Known Exploited Vulnerabilities** catalog, including fixes for issues such as SmartScreen bypass (`CVE-2026-21510`), Desktop Window Manager EoP (`CVE-2026-21519`), Remote Desktop Services EoP (`CVE-2026-21533`), and a Notepad RCE via crafted Markdown (`CVE-2026-20841`). Separately, Microsoft stated that **KB5077181** fully resolved a specific Windows 11 boot failure condition affecting a limited set of **commercial physical devices** on **24H2/25H2** that could become unbootable (e.g., **"UNMOUNTABLE_BOOT_VOLUME"**) after installing **KB5074109** or later updates when a **December 2025** security update had previously failed and rolled back, leaving the OS in an “improper state.” Microsoft indicated an earlier mitigation shipped in the optional preview update **KB5074105** (Jan 29, 2026) to prevent additional devices from being impacted, and that the February Patch Tuesday release delivered the complete fix; the issue was not reported as affecting home users or virtual machines.
4 weeks ago
Windows 11 January Security Updates Trigger UNMOUNTABLE_BOOT_VOLUME Boot Failures
Microsoft is investigating and has acknowledged a limited issue where some **Windows 11** devices fail to boot after installing the **January 2026 Patch Tuesday security updates**, presenting a BSOD/black crash screen with stop code **`UNMOUNTABLE_BOOT_VOLUME`**. Impacted systems can become stuck in a restart loop and are unable to start Windows without **manual recovery efforts**, with Microsoft collecting reports from users and enterprise administrators to determine scope and root cause. Reporting indicates the problem affects **physical devices** (with no virtual machines reported as impacted so far) and is tied to specific Windows 11 builds and cumulative updates, including **Windows 11 25H2** and **Windows 11 24H2** after installing **`KB5074109`**. Microsoft has not yet confirmed the underlying cause or provided a universal remediation beyond recovery steps, and is requesting affected customers submit diagnostics via the **Feedback Hub** while it determines whether the behavior is a regression introduced by the update.
1 months ago
Windows 11 Reliability Backlash and KB5074105 Preview Update Fixes
Microsoft reported **over 1 billion monthly active Windows 11 users**, but user sentiment remains negative, with prominent complaints focused on **buggy updates**, perceived reliability regressions, and unwanted feature changes (including AI-related additions). Microsoft leadership publicly acknowledged the feedback and said the company will prioritize **performance, reliability, and overall user experience** improvements to rebuild trust. Microsoft also released the **KB5074105** optional *non-security* preview cumulative update for Windows 11 (24H2/25H2), positioned as an end-of-month quality update ahead of the next Patch Tuesday. KB5074105 includes dozens of changes and targets operational issues including **boot problems** (e.g., startup hangs when Windows Boot Manager debugging is enabled and iSCSI boot failures with `Inaccessible Boot Device`), **sign-in issues** (including `Explorer.exe` hanging on first login under certain startup-app configurations), and **activation/license migration failures** during upgrades when devices cannot register with the Windows Activation server; the update is available via Windows Update or manual download from the Microsoft Update Catalog.
1 months ago