News
Microsoft Releases Emergency Fix for Azure Virtual Desktop, Windows 365 Authentication Failures
Microsoft released an out-of-band update Friday to resolve credential authentication failures affecting Azure Virtual Desktop and Windows 365 connections that emerged after the company's January 2026 security update.
The issues began following the Jan. 13 deployment of KB5073379, which caused credential prompt failures in remote connection applications using the Windows App on Windows client devices. The problems affected multiple versions of Windows, including Windows 11 versions 25H2, 24H2 and 23H2, Windows 10 versions 22H2 and 21H2, and several Windows Server editions.
"After installing the January 2026 Windows security update (KB5073379), credential prompt failures might occur in some remote connection applications," Microsoft said in its Windows release health status update. "This includes remote desktop connections using the Windows App on Windows client devices, on Azure Virtual Desktop and Windows 365."
The company's automated monitoring systems detected the issue after registering an increase in failed connection attempts shortly after the security update rollout. Investigation and debugging efforts involved coordination between Azure Virtual Desktop and Windows Update teams.
Microsoft released KB5077793 through the Microsoft Update Catalog on Friday to address the authentication problems. The company recommended organizations that have not yet deployed the January security update apply the out-of-band update instead if their IT environments include the affected applications and features.
"If you have not yet deployed the January 2026 Windows security update and your IT environment includes the affected applications and features, we recommend applying this OOB update instead," Microsoft said.
For users who have not installed the out-of-band update, Microsoft provided two temporary workarounds. Users can connect using the Remote Desktop client for Windows to access Azure Virtual Desktop, or they can use the Windows App Web Client at windows.cloud.microsoft.
The January security update addressed 113 vulnerabilities across Windows, Office and other products, including one actively exploited zero-day vulnerability tracked as CVE-2026-20805. The zero-day is an information disclosure flaw in the Desktop Window Manager that allows attackers to leak memory addresses through a remote ALPC port.
The emergency fix comes as Microsoft continues to address issues stemming from its monthly security updates. A separate problem affecting Windows 11 version 23H2 prevented some devices with Secure Launch enabled from shutting down or hibernating after installing the January update.
Affected platforms include Windows 11 versions 25H2, 24H2 and 23H2; Windows 10 versions 22H2 and 21H2; Windows 10 Enterprise LTSC 2019 and 2016; and Windows Server 2025, 2022 and 2019.
Organizations can download the out-of-band update from the Microsoft Update Catalog or implement a Known Issue Rollback through Group Policy for enterprise-managed devices.