Event details
Lots of people are seeing the 'hang/freeze after 5 minutes' (Windows 10) when Task Scheduler runs 'Microsoft\Windows\PI\Secure-Boot-Update'. Numerous people (including me) started seeing this issue after January's ESU KB5073724. Reddit etc. is full of similar stories. I've been getting by by disabling the network (stopping NSI service at startup and enabling after 5 mins). Hopefully Microsoft will pick up on this and resolve things as it's hurting lots of people!
I've added my story to this Windows forum:
https://www.tenforums.com/windows-updates-activation/222472-january-2026-esu-kb5073724-windows-freezes-after-4-5-minutes.html
Does it avoid the freeze if you set in registry
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot
- AvailableUpdates = 0 (remember the previous value)
- HighConfidenceOptOut = 1 (you may have to create as DWORD if not present)
That way, the scheduled task should not pick up any Secure Boot update and future cumulative updates will not automatically try to install any Secure Boot updates either. On the other hand, you should try manually to install all the ones you can (without freezing) if you intend to have Secure Boot protecting your machine at the same level after June 2026. If you cannot install any of them, leaving Secure Boot on with old certificates is still more secure than turning it off.
Out of curiositry, in
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecureBoot\Servicing
Can you look up BucketHash and ConfidenceLevel and post them here? Thanks.