Microsoft off-schedule patches for January: two critical failures affecting remote sessions and off with Secure Launch

Microsoft has had to move fast after January security updates: the monthly patches introduced at least two significant failures that affect remote sessions and the shutdown of equipment with certain active protections, so the company has published off-schedule corrections for Windows 10, Windows 11 and several Windows Server editions.

The first problem It caused errors by asking for credentials in remote connection applications, which in practice could block Cloud PC, Azure Virtual Desktop and RDP connections managed from the Windows application. Administrators and users began to note that in trying to log in at those sessions the request for credentials failed or did not allow the authentication to be completed correctly. Microsoft related it directly to the patches published in January and decided to launch additional updates to restore functionality.

The second failure It affected teams with Secure Launch enabled in Windows 11 version 23H2: after applying the January patch, some devices could not be turned off or hibernated and, instead, were automatically reinitiated. Secure Launch is a feature that uses virtualization technologies to protect startup from firmware-level threats, so the problem had both usability and confidence implications for system security measures.

To solve these incidents, Microsoft published several out-of-band updates that must be installed manually from the Microsoft Update Catalog; for example, there are specific packages for Windows Server 2025 ( KB5077793), Windows Server 2022 ( KB5077800), Windows 11 in its different branches ( KB5077744 for 25H2 / 24H2 and KB5077797 for 23H2) and for Windows 10 ( KB5077796). These newsletters include the necessary corrections to recover remote connections to Cloud PC and, in the case of Windows 11 23H2, solve the off problem when Secure Launch is active.

Microsoft warns that, for the moment, these updates are not distributed via Windows Update in all environments, so the affected teams should manually download and install the packages from the Microsoft Update Catalogue. For organizations that manage a large device park and cannot apply the packages immediately, the company also offers deployments of Known Issue Rollback (KIR) that can be distributed with group policies; Microsoft published KIR installers for various versions (e.g. for Windows Server 2022, Windows 11 and Windows 10), which allow to reverse the change that caused incompatibility while preparing a final correction.

If you manage Secure Launch equipment and need to turn off an emergency before applying the correction, Microsoft had indicated a temporary solution: run a forced off with the classic command shutdown / s / t 0 which orders the immediate shutdown. However, this is a timely measure and it is recommended to deploy the corresponding update or KIR to avoid unexpected restarts and restore normal operation.

For those who manage corporate environments, the safest route is to assess the extent of the problem in their infrastructure: check whether there are users with affected Cloud PC or AVD sessions and whether there are teams with Secure Launch active in the 23H2 branch. If the incidents are not presented in your environment, it is not mandatory to install emergency updates; Microsoft recalls that the corrections will also be included in next scheduled updates - either in previous updates or in the next Patch Tuesday - so some organizations will prefer to wait and test the patches in laboratories before they are deployed to production.

Official documentation on how to deploy a Known Issue Rollback through group directives can be found on the Microsoft site: How to use Group Policy to deploy a Known Issue Rollback. To better understand what Secure Launch is and why its integration with safe boot is critical, Microsoft keeps a technical guide in its documentation center: Secure Launch overview.

In practice, this kind of incident reminds us of how complex it is today to maintain the compatibility between safety patches and system functionalities; sometimes a vulnerability correction introduces side effects in highly integrated components such as remote authentication or safe start functions. The recommendation for IT equipment remains the same: test updates in controlled environments, keep backup and have clear mitigation procedures (such as use of KIR or emergency commands) to minimize impact on critical users and services.

If you want to access the newsletters directly with the out-of-band packages published by Microsoft, here are some official links where the patches and their objectives are described: KB5077793 for Windows Server 2025 ( support), KB5077797 for Windows 11 23H2 ( support) and KB5077796 for Windows 10 ( support), from where you can also access the download links in the catalogue.

In short, Microsoft has already delivered patches and mitigation options; it is up to each IT team to evaluate their exposure, prioritize installation in critical systems and follow official guides to deploy the corrections without surprises. Keeping calm, testing and applying with criterion remains the best strategy when a security update brings unexpected consequences.