Microsoft has confirmed that a known issue preventing some Windows 11 devices from shutting down also affects Windows 10 systems with Virtual Secure Mode (VSM) enabled.
VSM is a Windows security feature that creates an isolated, protected memory region separate from the normal operating system (known as the “secure kernel”), using hardware virtualization that is extremely difficult for malware to access, even after a system compromise.
It protects sensitive credentials, encryption keys, and security tokens from kernel-level malware and pass-the-hash attacks, and it enables security features such as Credential Guard, Device Guard, and Hypervisor-Protected Code Integrity in Windows 10/11 Enterprise editions.
As confirmed last month, on January 15, this bug affects Windows 11 23H2 devices with the KB5073455 cumulative update installed and System Guard Secure Launch enabled, a Windows security feature that protects the boot process against firmware-level attacks.
Microsoft released emergency, out-of-band updates two days later to fix the known issue and advised affected customers who couldn’t immediately install them to manually shut down their systems using the “shutdown /s /t 0” command.
However, last week, Microsoft updated the Windows release health dashboard to confirm that the same issue also impacts Windows 10 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 Enterprise LTSC 2019 when VSM is enabled after installing the KB5078131 and KB5073724 updates.
Affected users are advised to use the same command line to shut down their devices as a temporary workaround until a fix for VSM-enabled systems is available.
“After installing Windows updates released on or after January 13, 2026 (KB5073724), some Secure Launch-capable PCs with Virtual Secure Mode (VSM) enabled are unable to shut down or enter hibernation. Instead, the device restarts,” Microsoft explained. “We plan to release a solution in a future Windows update. We will provide more information when it is available.”
In January, Microsoft fixed another known issue that caused security applications to flag a core Windows component on client (Windows 10 and Windows 11) and server (Windows Server 2012 through Windows Server 2025) platforms as malicious.
More recently, it addressed a known issue that caused the password sign-in option to disappear from the lock screenafter installing Windows 11 updates released since August 2025.
Modern IT infrastructure moves faster than manual workflows can handle.
In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.