Windows 11 Update KB5058405 Bricking PCs: How to Fix ACPIsys 0xc0000098 Error

By /

Listen to this Post

Featured Image
Microsoft’s recent out-of-band update (KB5058405) for Windows 11 22H2/23H2 has caused boot failures, particularly in enterprise environments, Azure Virtual Machines, and Hyper-V/Citrix VMs. The error (0xc0000098) stems from ACPI.sys, a critical kernel-mode driver for power management.

Read the full article: BleepingComputer Report

You Should Know: How to Diagnose and Fix the Issue

1. Boot into Safe Mode

If your system is stuck in a recovery loop:
– Restart and hold Shift + F8 (or F11 for some UEFI systems).
– Select Troubleshoot > Advanced Options > Startup Settings > Restart.
– Press F4/F5 for Safe Mode (with/without networking).

2. Uninstall the Faulty Update

Once in Safe Mode:

wusa /uninstall /kb:5058405 /quiet /norestart

Or via PowerShell (if Windows Update service is accessible):

Remove-WindowsUpdate -KBArticleID KB5058405 -Confirm:$false

3. Repair ACPI.sys Manually

From a working Windows 11 ISO or recovery media:

dism /image:C:\ /cleanup-image /restorehealth /source:WIM:X:\sources\install.wim:1 /limitaccess
sfc /scannow /offbootdir=C:\ /offwindir=C:\Windows

Replace `C:` with your OS drive letter.

4. Disable Automatic Updates Temporarily

Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "NoAutoUpdate" -Value 1

5. Check Event Logs for ACPI Errors

Get-WinEvent -LogName System | Where-Object { $<em>.Id -eq 41 -or $</em>.Message -like "ACPI" } | Format-List

6. Roll Back Hyper-V/Citrix Snapshots

For affected VMs:

Get-VMSnapshot -VMName "Your_VM" | Restore-VMSnapshot -Confirm:$false

What Undercode Say

Microsoft’s rushed patches continue to disrupt enterprise systems, highlighting the need for:
– Staged rollouts (test updates in isolated environments).
– Automated backup checks before applying patches.
– Fallback mechanisms (e.g., VM snapshots, DISM backups).

Proactive Commands for Admins:

 Linux systems monitoring Hyper-V (via libvirt): 
virsh snapshot-create-as --domain Win11-VM --name "Pre-KB5058405" --description "Backup before patch" 

 Windows: Export current driver state 
driverquery /v /fo csv > C:\Drivers_Backup.csv

Prediction

Future Windows updates may face increased scrutiny, with enterprises delaying deployments or shifting to Linux-based VDI solutions for critical workloads.

Expected Output:

  • Bootable system post-update uninstallation.
  • Recovered ACPI.sys functionality.
  • Event logs cleared of critical failures.

IT/Security Reporter URL:

Reported By: Charlescrampton Another – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 Telegram

Related Posts: