Fix Windows 11 Shutdown Bug KB5077797: Step-by-Step Guide

Introduction

If your Windows 11 PC refuses to shut down and restarts instead, you’re not alone. In January 2026, Microsoft released a security update (KB5073455) that inadvertently created a critical shutdown bug affecting enterprise systems. Microsoft responded quickly with an emergency out-of-band patch: KB5077797. This comprehensive guide will walk you through understanding the issue and implementing the fix with detailed, verified steps.

What is the Windows 11 Shutdown Bug KB5077797?

The Problem: Why Your PC Won’t Shut Down

The shutdown bug emerged after Microsoft released cumulative update KB5073455 on January 13, 2026. This security update created an unexpected conflict with System Guard Secure Launch, a critical security feature designed to protect your system from firmware-level attacks during startup.

Here’s what users experienced:

• Clicking “Shut Down” resulted in the system restarting instead
• Hibernation commands triggered unexpected reboots
• The system appeared to power off but then immediately booted back to the login screen
• Laptops placed in sleep mode unexpectedly powered on, draining battery overnight

Who Is Affected

The shutdown bug specifically impacts:

• Windows 11 version 23H2 Enterprise Edition
• Windows 11 version 23H2 IoT Edition
• Systems with System Guard Secure Launch enabled

Important Note: Windows 11 Home and Pro editions are generally not affected because System Guard Secure Launch is not enabled by default on consumer editions. If you’re using Windows 11 Home or Pro without manually enabling this security feature, you likely won’t encounter this issue.

Root Cause: System Guard Secure Launch Conflict

System Guard Secure Launch creates a specialized security environment called a Virtualization-based Security (VBS) enclave that monitors your operating system kernel during startup. The KB5073455 update modified the system shutdown procedures in a way that prevented proper communication between the shutdown process and Secure Launch’s hypervisor-level security monitoring. This incompatibility caused the system to restart instead of shutting down.

Immediate Workaround: Command-Line Solution

If you need a temporary fix before installing KB5077797, Microsoft provided a command-line workaround:

To use the command-line shutdown workaround:

1. Press Windows Key + R to open the Run dialog
2. Type cmd and press Ctrl + Shift + Enter to open Command Prompt as Administrator
3. Click Yes when prompted to allow changes
4. Copy and paste this command: textshutdown /s /t 0
5. Press Enter to execute the command

This command initiates a shutdown within 0 seconds without triggering the Secure Launch conflict. However, this is only a temporary workaround. The permanent solution is to install KB5077797.

Method 1: Automatic Installation via Windows Update (Recommended)

This is the easiest method for most users. Microsoft is rolling out KB5077797 automatically through Windows Update.

Step 1: Open Windows Settings

1. Press Windows Key + I to open Settings
2. Alternatively, click the Start button, then select Settings (gear icon)

Step 2: Navigate to Windows Update

1. In Settings, click System in the left sidebar
2. Select Windows Update from the menu

Step 3: Check for Updates

1. Click the blue Check for updates button
2. Windows will search for available updates
3. If updates are paused, click Resume updates first

Step 4: Install KB5077797

1. Wait for the scan to complete
2. Look for “KB5077797” in the available updates list
3. If it appears, Windows will offer to install it automatically
4. Click Install now or allow it to install at the scheduled time

Step 5: Restart Your System

1. After installation completes, Windows will prompt you to restart
2. Click Restart now or let Windows restart at a convenient time
3. Your system will reboot and apply the update

Step 6: Verify Installation

1. After restart, return to Settings > System > Windows Update
2. Click Update history or View update history
3. Confirm that KB5077797 appears in your installed updates list

Method 2: Manual Installation via Windows Update Catalog

If KB5077797 is not appearing through automatic updates, you can manually download and install it from the Microsoft Update Catalog.

Step 1: Access the Microsoft Update Catalog

1. Open your web browser (Edge, Chrome, or Firefox)
2. Navigate to: catalog.update.microsoft.com
3. The Microsoft Update Catalog homepage will load

Step 2: Search for the Update

1. In the search box at the top, type KB5077797
2. Press Enter or click the search button
3. The catalog will display available versions of this update

Step 3: Select the Correct Version

The search results will show multiple options. Select based on your system:

System Type	Download
Windows 11 23H2 (64-bit)	kb5077797-x64
Windows 11 23H2 (ARM64)	kb5077797-arm64

To identify your system type:

1. Press Windows Key + Pause or go to Settings > System > About
2. Under “System type,” you’ll see either “64-bit operating system” or “ARM-based processor”

Step 4: Add to Download Basket

1. Click on the update that matches your system configuration
2. Click Add to basket (a shopping cart button will appear)
3. The update is now queued for download

Step 5: Download the Update

1. Click View basket on the page
2. Click the Download button
3. A file download dialog will appear
4. Choose a location to save (Desktop recommended for easy access)
5. Click Save and wait for the download to complete (typically 50-100 MB)

Step 6: Install the Downloaded Update

1. Navigate to where you saved the file (Desktop)
2. Double-click the KB5077797 installation file
3. A Windows installer window will appear
4. Click Yes when prompted for administrator permission
5. The update will begin installing
6. Wait for the installation to complete (this may take several minutes)

Step 7: Restart Your System

1. When prompted, click Restart now
2. Your computer will reboot
3. The update will complete during startup

Step 8: Verify Installation

1. After restart, open Settings > System > Windows Update
2. Click Update history to confirm KB5077797 is listed

Method 3: Enterprise Deployment (For IT Administrators)

If you’re managing multiple systems in an enterprise environment, use Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM).

Using PowerShell for Enterprise Deployment

For IT professionals managing enterprise environments:

powershell# This command requires the PSWindowsUpdate module
Install-WindowsUpdate -KBArticleID "KB5077797" -AcceptAll -AutoReboot

Prerequisites:

• PowerShell must run as Administrator
• PSWindowsUpdate module must be installed (Install-Module PSWindowsUpdate)
• Target systems must have internet connectivity or access to your WSUS server

Advanced Troubleshooting Steps (If Update Still Fails)

If KB5077797 doesn’t install successfully, follow these advanced troubleshooting steps:

Step 1: Run System File Checker (SFC)

Corrupted system files can prevent updates from installing.

1. Press Windows Key + R
2. Type cmd and press Ctrl + Shift + Enter for Administrator access
3. Type the following command: textsfc /scannow
4. Press Enter and wait for the scan to complete (this may take 15-30 minutes)
5. If errors are found, SFC will attempt repairs automatically

Step 2: Run DISM (Deployment Image Servicing and Management)

DISM repairs the Windows image to resolve update issues.

1. In the same Administrator Command Prompt, type: textDISM /Online /Cleanup-Image /RestoreHealth
2. Press Enter and wait for completion
3. Optionally, run a secondary command: textDISM /Online /Cleanup-Image /StartComponentCleanup

Step 3: Restart Windows Update Services

Windows Update services may need to be restarted for the update to proceed.

1. Press Windows Key + R
2. Type services.msc and press Enter
3. Locate the following services and set them to “Automatic”:
   • Windows Update
   • Background Intelligent Transfer Service (BITS)
   • App Readiness
4. Right-click each service and select Restart

Step 4: Clear Windows Update Cache

Corrupted update files may block new updates.

1. Press Windows Key + R
2. Type cmd and press Ctrl + Shift + Enter for Administrator access
3. Type: textnet stop wuauserv
4. Press Enter to stop the Windows Update service
5. Navigate to C:\Windows\SoftwareDistribution\Download
6. Delete all files in this folder
7. Restart the update service: textnet start wuauserv
8. Press Enter

Step 5: Retry the Update

1. Go to Settings > System > Windows Update
2. Click Check for updates
3. Attempt to install KB5077797 again

Step 6: Use Windows Update Recovery Feature

If all else fails, Windows has a built-in recovery option:

1. Open Settings > System > Windows Update
2. Click Advanced options (scroll down)
3. Select Recovery (scroll to the bottom)
4. Click Fix problems using Windows Update
5. Follow the on-screen prompts
6. Your system will reinstall Windows 11 while preserving your files and applications

Verifying the Fix Works

After installing KB5077797, verify that your shutdown functionality has been restored:

Test 1: Standard Shutdown

1. Click Start
2. Click the Power button
3. Select Shut down
4. Verify that your system powers off completely (no restart)
5. Wait 30 seconds to confirm it stays off

Test 2: Hibernation

If your system supports hibernation:

1. Click Start
2. Click the Power button
3. Select Hibernate (if available)
4. Verify the system enters hibernation without restarting

Test 3: Restart Function

1. Click Start
2. Click the Power button
3. Select Restart
4. Confirm the system restarts normally

Check System Information

Verify your system is properly updated:

1. Press Windows Key + Pause or go to Settings > System > About
2. Scroll down to find “Windows Update” section
3. Confirm the build number shows 22631.6494 or higher
4. Go to Settings > System > Windows Update > Update history
5. Verify KB5077797 is listed under “Quality updates”

Frequently Asked Questions (FAQ)

Q: Does this bug affect Windows 11 Home edition?

A: No. System Guard Secure Launch is disabled by default on Windows 11 Home and Pro editions. This bug only affects Windows 11 Enterprise and IoT editions where this security feature is enabled.

Q: Is the command-line workaround safe to use long-term?

A: The workaround is safe but is not a permanent solution. It simply provides an alternative shutdown method. Always install KB5077797 as the permanent fix.

Q: Will installing KB5077797 affect my installed applications?

A: No. This security update only modifies Windows system files and doesn’t affect your applications, documents, or personal files.

Q: Can I uninstall KB5077797 if I experience issues?

A: While technically possible, this is not recommended. KB5077797 fixes a critical security issue. If you experience problems after installation, contact your IT support team or Microsoft support.

Q: How do I check if System Guard Secure Launch is enabled on my system?

A: Open System Information (press Windows Key + Pause) and look for “Virtualization-based security” in the System Summary. If it shows “Running,” Secure Launch is enabled.

Q: Will this update slow down my computer?

A: No. KB5077797 only fixes the shutdown conflict and doesn’t affect system performance during normal operation.

Q: What if my system still won’t shut down after installing KB5077797?

A: Try the advanced troubleshooting steps in the guide above. If issues persist, contact Microsoft Support or your organization’s IT department. Some users have reported success by changing BIOS settings related to Secure Boot, but this should only be done under professional guidance.

Additional Resources

For more information about this update and related issues:

• Microsoft Update Catalog: https://www.catalog.update.microsoft.com
• Windows 11 Known Issues: https://support.microsoft.com/en-us/windows/windows-11-and-windows-10-update-history
• Microsoft Security Updates: https://portal.msrc.microsoft.com

Conclusion

The Windows 11 shutdown bug KB5077797 is a critical issue, but Microsoft’s emergency fix resolves it effectively. Whether you install the update automatically or manually, following the steps in this guide will restore your system’s proper shutdown functionality.

If you’re using Windows 11 Enterprise with System Guard Secure Launch enabled, prioritize installing KB5077797 as soon as possible. The installation process is straightforward and risk-free, taking only a few minutes of your time.

For enterprise IT administrators managing multiple systems, consider deploying this update through your WSUS or SCCM infrastructure to ensure all affected systems are protected quickly.

If you encounter any issues during installation, the advanced troubleshooting section provides comprehensive solutions to resolve common problems.