Windows 11 KB5094126 Triggers Boot Failures, BitLocker Recovery, and Explorer Sync Breakage
Microsoft’s Windows 11 cumulative update KB5094126 is causing serious post-installation failures on some systems after its release with roughly 200 security fixes, including 33 critical flaws and five zero-days. Users reported freezes shortly after boot, black screens, boot loops, BSODs, and repeated BitLocker recovery prompts, including on devices where BitLocker was believed to be disabled. Reports indicate the problems are hitting some HP models particularly hard, with Secure Boot certificate changes and interactions with BIOS/UEFI settings and undersized or crowded EFI partitions emerging as likely factors.
The update is also disrupting enterprise and productivity workflows by breaking File Explorer integration for OneDrive and, in some cases, Dropbox and iCloud Drive, while some affected machines reportedly lose LAN access even though internet connectivity remains available. Administrators and users have resorted to Windows Recovery Environment to remove the patch, and some systems reportedly required full Windows reinstalls after recovery complications. A widely shared workaround has been to temporarily disable Secure Boot, complete boot and update recovery, then re-enable Secure Boot after updating BIOS/UEFI firmware, though Microsoft had not formally acknowledged the full scope of the issues in the update documentation at the time of reporting.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
Microsoft confirms KB5094126 breaks OLE automation for Office launches
Microsoft acknowledged that the June 2026 Windows 11 update KB5094126 can break OLE automation used by third-party applications to launch Microsoft Office apps. As a result, Word, Excel, PowerPoint, Access, and similar apps may fail to open or crash when started indirectly through affected software.
Microsoft confirms KB5094126 Recycle Bin prompt bug
Microsoft confirmed that the June 2026 Windows 11 update KB5094126 causes the Recycle Bin deletion confirmation dialog to show misleading internal file names, while stating that the actual files remain safe unless permanently deleted. The company said it identified the root cause and plans to fix the issue in the next cumulative update, with a support workaround available for affected Windows 11 Enterprise devices.
Microsoft had not acknowledged KB5094126 issues in documentation
At the time of reporting, Microsoft had not officially acknowledged the post-installation problems in the KB5094126 documentation. This absence of acknowledgment was specifically noted in coverage of the incident.
Affected users resort to recovery actions to remove or work around KB5094126
Some affected users reportedly used the Windows Recovery Environment to uninstall KB5094126, while others had to disable Secure Boot temporarily to complete boot and finish the update process. In more severe cases, users reportedly encountered recovery-related corruption or had to reinstall Windows entirely.
Users report KB5094126 breaks File Explorer cloud integrations
Users also reported that KB5094126 broke File Explorer integration for OneDrive and, in some cases, other cloud storage services such as Dropbox and iCloud Drive. The issue was noted particularly on some domain-joined PCs and systems using local admin accounts with UAC disabled.
Users report KB5094126 boot failures, BitLocker recovery, and BSOD issues
After installation, multiple users reported that KB5094126 caused boot failures, boot loops, black screens, forced BitLocker recovery, and BSODs, with HP devices among those especially affected. Reporting tied some failures to Secure Boot-related changes interacting with BIOS/UEFI configurations and small EFI partitions.
Microsoft releases Windows 11 update KB5094126
Microsoft released Windows 11 cumulative update KB5094126 (Build 26200.8655) for Windows 11 as part of June 2026 Patch Tuesday. The update reportedly addressed about 200 security vulnerabilities, including 33 critical flaws and five zero-days.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
Microsoft confirms issues in Windows 11 KB5094126 June 2026 update
windowslatest.com
Open sourceWindows 11 June 2026 Update Breaks Recycle Bin Dialogs, OneDrive Access, and BSOD Reports Surface - gHacks Tech News
ghacks.net
Open sourceMicrosoft confirms Windows 11 update breaks Recycle Bin delete prompts, but your files are still safe
windowslatest.com
Open sourceWindows 11 Update KB5094126 Freezes Systems, Forces BitLocker Recovery, and More
cybersecuritynews.com
Open sourceWindows 11 KB5094126 BSODs some PCs (HP?), breaks OneDrive in File Explorer, and other issues confirmed
windowslatest.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Microsoft expands Secure Boot fixes as Windows updates hit install and recovery issues
Microsoft released the June cumulative update `KB5093998` for Windows 11 23H2 with security fixes, broader Secure Boot certificate rollout support, and a new Group Policy/MDM option to limit Secure Boot service data sent to Microsoft. The update also fixes a known issue that could force some devices into **BitLocker Recovery** after boot file updates, while CERT/CC and Microsoft separately published advisories on a Secure Boot bypass affecting Microsoft-signed UEFI shim bootloaders, tracked as `CVE-2026-44815`. At the same time, Microsoft warned that some PCs upgraded from Windows 10 21H2/22H2 or Windows 11 23H2 to Windows 11 24H2 or 25H2 may fail to install the June 2026 cumulative updates, showing errors `0x80073712` or `0x800f0993` because of package and component store issues. Microsoft said an automatic fix is rolling out for unmanaged enterprise and Home devices after restart, while already affected systems may require removing a problematic package with DISM or performing an in-place upgrade; separate reporting also said recent HP BIOS updates and Dell SupportAssist software caused BitLocker loops and BSODs that were initially blamed on Windows but traced to OEM firmware and utilities.
Jun 17, 2026
Windows 11 KB5077181 Patch Tuesday Update Triggers and Fixes Boot Failures
Microsoft’s February 2026 Windows 11 cumulative security update **KB5077181** (for versions **24H2** and **25H2**) was associated with significant boot reliability issues reported shortly after deployment, including systems entering **infinite restart loops** and failing to reach the desktop. Reports described login-time errors (including **System Event Notification Service (SENS)** procedure errors) and network symptoms such as **DHCP failures**, while Microsoft’s public release notes and health dashboard were reported as not listing known issues at the time. The update also shipped broad security remediation, with reporting citing **58 vulnerabilities** addressed and **six actively exploited zero-days** referenced via CISA’s **Known Exploited Vulnerabilities** catalog, including fixes for issues such as SmartScreen bypass (`CVE-2026-21510`), Desktop Window Manager EoP (`CVE-2026-21519`), Remote Desktop Services EoP (`CVE-2026-21533`), and a Notepad RCE via crafted Markdown (`CVE-2026-20841`). Separately, Microsoft stated that **KB5077181** fully resolved a specific Windows 11 boot failure condition affecting a limited set of **commercial physical devices** on **24H2/25H2** that could become unbootable (e.g., **"UNMOUNTABLE_BOOT_VOLUME"**) after installing **KB5074109** or later updates when a **December 2025** security update had previously failed and rolled back, leaving the OS in an “improper state.” Microsoft indicated an earlier mitigation shipped in the optional preview update **KB5074105** (Jan 29, 2026) to prevent additional devices from being impacted, and that the February Patch Tuesday release delivered the complete fix; the issue was not reported as affecting home users or virtual machines.
Mar 21, 2026
Windows 11 KB5089549 Install Failures Complicate Microsoft Defender Security Patches
Microsoft confirmed that the Windows 11 security update `KB5089549` can fail to install on systems running versions 24H2 and 25H2 when the EFI System Partition has 10 MB or less of free space. Affected devices typically stop during reboot at about 35–36% completion, return error `0x800f0922`, and roll back the update. Microsoft has issued a **Known Issue Rollback** for consumer and unmanaged business devices, while enterprise administrators must use a Group Policy workaround; for persistent cases, the company also published a registry-based mitigation to reduce reserved EFI servicing padding. The same update also addresses a separate problem that had pushed some Windows 11 devices into BitLocker recovery after earlier 2026 updates. The installation issue is significant because Microsoft’s May security advisories also included multiple **Microsoft Defender** vulnerabilities, with `CVE-2026-41091` and `CVE-2026-45498` added by CISA to the **Known Exploited Vulnerabilities** catalog, signaling active exploitation risk. Additional Defender flaws tracked as `CVE-2026-45584` and related advisories were also published by Microsoft and echoed by national cybersecurity agencies, including Canada’s Cyber Centre and HKCERT, which urged organizations to review the bulletins and apply updates. Microsoft said it is developing a permanent fix for the Windows 11 update failure in a future release.
May 24, 2026