New Update Windows 11 KB5077181, KB5075941 February 2026 Patch Tuesday updates

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Forum Veteran
Apr 24, 2016
7,714
6
82,085
8,389
54
The Netherlands
Microsoft has released the February 2026 Patch Tuesday updates for Windows 11 25H2, 24H2, and 23H2. The 25H2 and 24H2 update is provided via KB5077181, build 26100.7840 on 24H2, and build 26200.7840 on 25H2, after applying the updates. Meanwhile the Windows 11 23H2 update is under KB5075941 and build 22631.6649.

The major highlights are:
  • [Gaming] Fixed: This update addresses an issue that determines device eligibility for the full-screen gaming experience.
  • [Networking] Fixed: This update addresses an issue that prevented some devices from connecting to certain WPA3‑Personal Wi‑Fi networks. The issue might occur after you install KB5074105.
  • [Secure Boot] With this update, Windows quality updates include a broad set of targeting data that identifies devices and their ability to receive new Secure Boot certificates. Devices will receive the new certificates only after they show sufficient successful update signals, which helps ensures a safe and phased rollout.
There are currently no known issues.
Click to expand...
www.neowin.net

Windows 11 KB5077181, KB5075941 February 2026 Patch Tuesday updates out

Microsoft has released Patch Tuesday updates for Windows 11 KB5077181, KB5075941 for February 2026. Here's what's included.
www.neowin.net www.neowin.net
 
  • Like
  • +Reputation
  • Applause
Reactions: Khushal, Moonhorse, Viking and 10 others
Gandalf_The_Grey said:
www.neowin.net

Windows 11 KB5077181, KB5075941 February 2026 Patch Tuesday updates out

Microsoft has released Patch Tuesday updates for Windows 11 KB5077181, KB5075941 for February 2026. Here's what's included.
www.neowin.net www.neowin.net
Click to expand...
Your quote matches Microsoft’s own release notes for today’s Patch Tuesday (February 10, 2026) for Windows 11:

What Microsoft officially lists for these releases
  • Windows 11 24H2 / 25H2: KB5077181 → OS Builds 26100.7840 (24H2) and 26200.7840 (25H2). Microsoft’s “Improvements” section includes the same items you quoted (gaming full-screen eligibility, WPA3-Personal connection fix after KB5074105, and Secure Boot certificate targeting/phased rollout data).
  • Windows 11 23H2: KB5075941 → OS Build 22631.6649. Microsoft lists “Known issues in this update: not currently aware of any issues.”

Two security-relevant notes worth calling out
  • “No known issues” can change later: Microsoft often updates the Known Issues section after release, so it’s worth checking the KB pages again if you run into install/boot/network oddities.
  • Secure Boot / certificate work is in play: Microsoft is clearly preparing for the Secure Boot certificate expiration timeline (starting June 2026). On 23H2, the KB notes Boot Manager/UEFI CA-related changes and warns that toggling Secure Boot or resetting the Secure Boot DB can, in rare cases, trigger a Secure Boot violation scenario (with recovery media as the stated fix). That doesn’t mean “don’t patch” — it means “patch normally, but don’t casually flip Secure Boot settings afterward on systems you can’t easily recover.”

Practical guidance (MalwareTips-style)
  • Install via Windows Update unless you have a specific reason to do manual .msu installs.
  • Before patching: have a current backup and (if BitLocker is enabled) ensure you can access your recovery key.
  • If you manage multiple PCs, monitor Microsoft’s KB pages / Windows release health for any newly posted known issues over the next few days.

Sources
 
I always install as available on Patch Tuesday but always image first if worst should occur, nothing has gone wrong of note with WU in my case for a long time.
 
Microsoft’s February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical boot failures just days after deployment.
Users describe devices entering infinite restart loops, often exceeding 15 cycles, preventing access to the desktop.
This cumulative update delivers essential security fixes alongside quality improvements from prior releases like KB5074109.
Click to expand...
Full Article:
cybersecuritynews.com

Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft's February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical boot failures just days after deployment.
cybersecuritynews.com cybersecuritynews.com
 
  • Like
  • +Reputation
  • Thanks
Reactions: Wrecker4923, lokamoka820, Halp2001 and 2 others
Brownie2019 said:
Full Article:
cybersecuritynews.com

Windows 11 KB5077181 Security Update Causing Some Devices to Restart in an Infinite Loop

Microsoft's February 10, 2026, security update KB5077181 for Windows 11 versions 24H2 (build 26200.7840) and 25H2 (build 26100.7840) has triggered widespread reports of critical boot failures just days after deployment.
cybersecuritynews.com cybersecuritynews.com
Click to expand...
The article is plausible in the sense that there are real community reports of post-install problems after KB5077181 (Feb 10, 2026), but calling it “widespread” is not something Microsoft has confirmed so far.

What Microsoft officially says (as of Feb 15, 2026)
Microsoft’s own KB page for KB5077181 (Windows 11 24H2/25H2 builds 26100.7840 and 26200.7840) currently lists no known issues. ([support.microsoft.com](https://support.microsoft.com/en-au/topic/february-10-2026-kb5077181-os-builds-26200-7840-and-26100-7840-f0fa9e54-a22a-4a06-96b6-bf5b2aded506?utm_source=openai))

What users are reporting
Independently of the “Known issues” section, there are reports on Microsoft Learn Q&A and in tech press of:
  • Repeated restart/boot loops
  • Login failures referencing SENS (System Event Notification Service)
  • Some network/DHCP-related breakage on affected systems
These are not proof that the update is globally “bricking PCs,” but they do indicate a real regression for some devices/environments. ([learn.microsoft.com](https://learn.microsoft.com/en-us/answers/questions/5771005/is-anyone-of-you-facing-issues-with-the-latest-win?utm_source=openai))

Practical guidance

If you have NOT installed KB5077181 yet
  • If you can safely defer, consider pausing updates for a short period and monitor Microsoft’s guidance (KB page / Release Health) for acknowledgement or a follow-up fix. ([support.microsoft.com](https://support.microsoft.com/en-au/topic/february-10-2026-kb5077181-os-builds-26200-7840-and-26100-7840-f0fa9e54-a22a-4a06-96b6-bf5b2aded506?utm_source=openai))
  • At minimum, make sure you have a current backup and that your BitLocker recovery key is available before patching (so WinRE recovery actions won’t lock you out).

If you are already stuck in a reboot loop / can’t log in
Go for the lowest-risk recovery steps first:
  • Boot into WinRE (Windows Recovery Environment) and try: Troubleshoot → Advanced options → Uninstall Updates → Uninstall latest quality update.
  • If you can reach Safe Mode, try a normal uninstall from “Installed updates” and reboot.
  • If uninstall methods are failing: Microsoft’s KB notes that uninstalling the LCU may require DISM /Remove-Package (and that wusa.exe uninstall may not work on the combined SSU+LCU package). ([support.microsoft.com](https://support.microsoft.com/en-au/topic/february-10-2026-kb5077181-os-builds-26200-7840-and-26100-7840-f0fa9e54-a22a-4a06-96b6-bf5b2aded506?utm_source=openai))

What not to do
  • Avoid “fix tools,” registry cleaners, or random scripts promoted in blogs/comments. This is a Windows servicing/boot stability issue, not something that should require third-party “repair” utilities.
  • Avoid assuming it’s malware just because the machine is looping—treat it as an update regression unless you have independent indicators of compromise.

Conclusion / next step
Treat the cybersecuritynews post as an unverified aggregation: there are credible user reports, but Microsoft has not (yet) documented KB5077181 as having known boot issues. The safest path is to (1) defer briefly if you can, and (2) if affected, use WinRE to uninstall the latest quality update and then pause updates until Microsoft publishes an official mitigation or revised update. ([support.microsoft.com](https://support.microsoft.com/en-au/topic/february-10-2026-kb5077181-os-builds-26200-7840-and-26100-7840-f0fa9e54-a22a-4a06-96b6-bf5b2aded506?utm_source=openai))
 
  • Like
Reactions: Brahman
Technical Analysis & Remediation

MITRE ATT&CK Mapping

T1489
Service Exhaustion (Unintentional impact from legitimate software flaw).

CVE Profile

CVE-2026-21533
[NVD Score: Unknown]
[CISA KEV Status: Active]

CVE-2026-21510, CVE-2026-21519, CVE-2026-20841
[NVD Score: Unknown]
[CISA KEV Status: Inactive].

Telemetry
Hashes, IPs, and Registry Keys are not present in the provided source text and are flagged as Unknown.

Observed string literals include installation error codes "0x800f0983" and "0x800f0991".

Remediation string literal observed is "wusa /uninstall /kb:5077181 /quiet /norestart".

Constraint
This behavior suggests a standard Windows Latest Cumulative Update (LCU) deployment failure resulting in System Event Notification Service (SENS) crashes and DHCP connection failures.

Remediation - THE ENTERPRISE TRACK (NIST SP 800-61r3 / CSF 2.0)

GOVERN (GV) – Crisis Management & Oversight

Command
Issue an immediate freeze on KB5077181 deployment via WSUS or equivalent patch management systems until Microsoft verifies a hotfix.

DETECT (DE) – Monitoring & Analysis

Command
Query SIEM logs for Windows Update installation errors "0x800f0983" and "0x800f0991" to identify affected endpoints.

RESPOND (RS) – Mitigation & Containment

Command
Execute wusa /uninstall /kb:5077181 /quiet /norestart on reachable systems that have not yet rebooted into a failure loop.

RECOVER (RC) – Restoration & Trust

Command
Dispatch support personnel to manually interrupt the boot sequence three times to enter the Windows Recovery Environment on looping devices.

Command
Select Troubleshoot, navigate to Advanced options, open the Command Prompt, and run the uninstallation command.

Command
Run sfc /scannow to validate and repair corrupted system files once the update is successfully removed.

IDENTIFY & PROTECT (ID/PR) – The Feedback Loop

Command
Implement phased ring-deployments and test WSUS rollouts prior to fleet-wide distribution to mitigate future Patch Tuesday availability risks.

Remediation - THE HOME USER TRACK (Safety Focus)

Priority 1: Safety

Command
Navigate to Control Panel > Programs and Features > View installed updates, and uninstall KB5077181 immediately before your next restart.

Command
Pause Windows Updates to block the automatic re-download of the faulty patch.

Priority 2: Identity

Command
No identity or credential reset is required, as this is an OS availability disruption and not a security compromise.

Priority 3: Persistence

Command
If the device is already caught in an infinite restart loop, interrupt the boot process three times to access the Windows Recovery Environment to execute a manual uninstall.

Hardening & References

Baseline
CIS Benchmarks for Windows 11 (Update & Patch Management).

Framework
NIST CSF 2.0 / SP 800-61r3.

Source

CyberSecurity News

BleepingComputer
Click to expand...
 
Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are unable to launch applications.
The company says it is working with Samsung to determine whether the problem is related to the Windows updates or Samsung software installed on affected devices.
"Users might encounter the error, 'C:\ is not accessible – Access denied', which prevents access to files and blocks the launch of some applications including Outlook, Office apps, web browsers, system utilities and Quick Assist," explains Microsoft.
Microsoft says these errors can appear during normal Windows usage on a Samsung device, such as when accessing files, launching applications, or performing administrative tasks. In some cases, the permission problems can prevent users from elevating privileges, uninstalling updates, or accessing logs.
The problem has been reported mostly in Brazil, Portugal, South Korea, and India, and is primarily impacting Samsung Galaxy Book 4 and other Samsung consumer devices.
Microsoft says its latest investigation suggests the issue may be related to the Samsung Share application, though the exact root cause has not yet been confirmed.
At this time, the issue only impacts systems running Windows 11 version 25H2 and 24H2.
While Microsoft has not shared a temporary solution, a Reddit user claiming to be a Samsung technician in Brazil has posted a workaround that some affected users say restores access to the C:\ drive.
However, the workaround requires changing the ownership of the entire C:\ drive and all subfolders to the "Everyone" group, including system directories and files that are normally owned by TrustedInstaller or SYSTEM.
Changing ownership of system files in this way weakens Windows' built-in security protections. Therefore, users should avoid applying the workaround unless absolutely necessary and instead wait for a fix from Microsoft.
Click to expand...
www.bleepingcomputer.com

Microsoft: Windows 11 users can't access C: drive on some Samsung PCs

Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are unable to launch applications.
www.bleepingcomputer.com www.bleepingcomputer.com
 
Microsoft confirmed a new Windows issue on March 12th, 2026 that prevents access to files on the main c: drive of the system and blocks certain applications from launching.

The issue affects certain Samsung devices that run Windows and have installed the February 2026 security updates or newer updates for Windows 11, version 24H2 or 25H2 systems.

Here are the details:
  • Affected Windows versions: Windows 11, version 24H2 and 25H2
  • Affected devices: Only certain Samsung devices.
  • Originating update: KB5077181 (25H2 and 24H2)
Click to expand...
chipp.in

Windows: Some users may lose "access to the C: drive" and experience "app failures" - Chipp.in Tech News and Reviews

Microsoft confirmed a new Windows issue on March 12th, 2026 that prevents access to files on the main c: drive of the system and blocks...
chipp.in chipp.in
 
  • Like
  • Wow
Reactions: Halp2001, Parkinsond and harlan4096
An alert worth paying attention to. It is not a widespread issue, but serious enough to recommend caution. Perhaps the most sensible approach is to wait a few days before applying the patch on Samsung devices, or at least keep an updated backup. The value of this warning lies in reminding us that even official updates can bring unexpected effects, and prevention remains our best ally.

Thanks to @lokamoka820 for sharing this alert, as it reminds us that prevention begins with being informed. 👏
 
  • Hundred Points
Reactions: lokamoka820
 
  • Like
Reactions: lokamoka820 and Khushal

Microsoft explains how to fix broken drive C, apps, and other issues in Windows 11​

First, you need to uninstall the Samsung Galaxy Connect and/or Samsung Continuity Service in Settings > Apps > Installed apps. After that, restart your computer and add temporary permissions to drive C:
Right-click drive C and select Properties.
Go to Security > Advanced.
In the new window, click Change next to Owners.
Type Everyone and click Ok.

The next step is to add a temporary permission to drive C:
Right-click drive C and select Properties.
Go to Security > Advanced and click Edit.
Click Add and type Everyone.
If prompted, click Yes. If Windows 11 shows multiple warning prompts, press Alt + C.

Now, it is time to restore the original permissions:
Launch Notepad and paste the following:
BAT
icacls c:\ /grant BUILTIN\Administrators:(OI)(CI)(F)
icacls c:\ /grant "NT AUTHORITY\SYSTEM:(OI)(CI)(F)"
icacls c:\ /grant BUILTIN\Users:(OI)(CI)(RX)
icacls c:\ /grant "NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M)"
icacls c:\ /grant "NT AUTHORITY\Authenticated Users:(AD)"
icacls c:\ /setowner "NT Service\TrustedInstaller"
icacls c:\ /remove everyone
pause
Show more lines

Save the file as RestoreAccess.txt and then change its extension to bat – RestoreAccess.bat.
Right-click the newly made file and select Run as Administrator.
Restart your computer.

Click to expand...
 
Last edited by a moderator:
  • Like
  • +Reputation
Reactions: Sampei.Nihira, Khushal and Gandalf_The_Grey

You may also like...