A few days ago, Microsoft released the latest Patch Tuesday updates for Windows 11 and 10. If you have installed them, you may have noticed a change: Windows no longer allows apps to autofill credential data in certain scenarios. If you think it's a bug, the tech giant has confirmed that it is not, and that this is expected "new behaviour."
So for those of you wondering what happened, Microsoft says that this is a new security hardening change put in place to safeguard against a Windows Hello tampering vulnerability. The company had recently confirmed this input injection flaw on its MSRC website under a new ID CVE-2026-20804. Neowin noticed this change today while browsing.
If you recall, we had already reported on this issue back in August of 2025, when security researchers flagged it for the first time. As a result, Microsoft no longer allows remote autofill and automated authentication in certain apps and scenarios that can be vulnerable.
In the release notes for the January 2026 Patch Tuesday Windows 11 updates (KB5074109, KB5073455), Microsoft added the following change earlier today. It writes:
- [Credentials autofill] This update introduces a security hardening behavior restricting certain applications to autofill credentials during remote support sessions or automated authentication workflows. With this change, credential dialogs do not respond to virtual keyboard input from remote desktop or screen sharing tools or apps.
Microsoft has added further details on the change in a separate support article. It explains: "This intentional change of behavior is designed to protect users against untrusted input injection. Windows authentication dialogs will only accept input from trusted local sources, such as physical keyboard input, trusted accessibility applications with UIAccess privilege, or applications running with elevated (administrator) integrity."
The company has said that users and IT admins will notice the following changes after this update:
- "Applications attempting to autofill credentials into the Windows authentication dialog and sign-in interfaces might fail to do so.
- Credential dialogs might not respond to virtual keyboard input from remote desktop or screen sharing tools or apps, such as Microsoft Teams or similar third-party apps.
- Automatic or scripted authentication workflows might not proceed because the credentials interface no longer accepts input."
Going forward, admins and users alike are encouraged to update such apps so that they avoid keyboard entry into credential interfaces and instead authenticate through supported Windows authentication UIs.
If you need the previous autofill behavior to keep working, Microsoft says that is possible. It writes: "Do so by enabling applications performing remote credential submission to run with elevated (administrator) privileges. This should allow the previous behavior until applications can be updated to account for the hardening changes driven by CVE-2026-20824", though it cautions that you should do so only in a tightly controlled environment that is safe and secure.
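For admins triaging which tools are affected, here is an added PowerShell audit (not from Microsoft or the original post). It reports whether either KB named above is installed and whether a given remote-support process is running elevated, which is the condition Microsoft says keeps the previous behavior. The process names and the `Test-ProcessElevated` helper are hypothetical placeholders.

```powershell
# Added example. KB IDs are the ones named in the article; process names are placeholders.
$kbs   = 'KB5074109', 'KB5073455'
$tools = 'ExampleRemoteTool', 'ExampleAutofillHelper'   # hypothetical process names

Add-Type -Namespace Audit -Name Native -MemberDefinition @'
[DllImport("kernel32.dll", SetLastError = true)]
public static extern IntPtr OpenProcess(uint access, bool inherit, int pid);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool OpenProcessToken(IntPtr process, uint access, out IntPtr token);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool GetTokenInformation(IntPtr token, int infoClass,
    out uint info, uint length, out uint returned);
[DllImport("kernel32.dll")]
public static extern bool CloseHandle(IntPtr handle);
'@

function Test-ProcessElevated([int]$ProcessId) {
    # Returns $true/$false, or $null when the token cannot be read (access denied, process gone).
    $PROCESS_QUERY_LIMITED_INFORMATION = 0x1000
    $TOKEN_QUERY    = 0x0008
    $TokenElevation = 20        # TOKEN_INFORMATION_CLASS value; result is a single DWORD
    $hProc = [Audit.Native]::OpenProcess($PROCESS_QUERY_LIMITED_INFORMATION, $false, $ProcessId)
    if ($hProc -eq [IntPtr]::Zero) { return $null }
    try {
        $hTok = [IntPtr]::Zero
        if (-not [Audit.Native]::OpenProcessToken($hProc, $TOKEN_QUERY, [ref]$hTok)) { return $null }
        try {
            $isElevated = [uint32]0
            $returned   = [uint32]0
            if ([Audit.Native]::GetTokenInformation($hTok, $TokenElevation,
                    [ref]$isElevated, 4, [ref]$returned)) {
                return ($isElevated -ne 0)
            }
            return $null
        } finally { [void][Audit.Native]::CloseHandle($hTok) }
    } finally { [void][Audit.Native]::CloseHandle($hProc) }
}

# A later cumulative update can supersede these KBs, so "not listed" is not proof
# that the hardening is absent; treat the result as a hint and confirm the OS build.
$found = Get-HotFix -Id $kbs -ErrorAction SilentlyContinue
if ($found) { $found | Select-Object HotFixID, InstalledOn }
else        { Write-Output "None of $($kbs -join ', ') listed on this machine." }

# Elevated tools are the ones that would still be accepted by credential dialogs.
Get-Process -Name $tools -ErrorAction SilentlyContinue | ForEach-Object {
    [pscustomobject]@{ Name = $_.ProcessName; Id = $_.Id; Elevated = Test-ProcessElevated $_.Id }
}
```

Run it from an elevated prompt; otherwise tokens of processes owned by other users may be unreadable and show up with an empty `Elevated` column.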
Posted Saturday 14 February 2026 at 3:27 am AEST (my time).