Microsoft’s August cumulative for Windows 11 — KB5063878 (OS Build 26100.4946) — has been linked by independent testers and enthusiast communities to a reproducible and severe storage fault: under sustained large sequential writes (reports center around the 50 GB range), certain NVMe SSDs—and a small number of HDDs—can become completely unresponsive, disappear from the operating system, and present unreadable SMART data, sometimes resulting in file-system corruption and permanent data loss. Early testing points to a pattern that over-represents Phison-based controllers, particularly DRAM‑less or older controller families, but the phenomenon has not been limited to a single vendor or firmware, and Microsoft has not published an official storage-related known‑issues bulletin tied to the update at the time of reporting. (support.microsoft.com)
Source: igor´sLAB Windows 11 update “KB5063878” destroys SSDs: Storage error with large amounts of data, Phison controller particularly affected | igor´sLAB
Background
What KB5063878 is and how it was released
KB5063878 was published by Microsoft on August 12, 2025 as a combined servicing stack and cumulative security update for Windows 11 version 24H2 (OS Build 26100.4946). The official release notes describe security and quality improvements and list no currently known issues in the Microsoft support entry for the KB. Administrators, however, quickly encountered an unrelated deployment regression (WSUS/SCCM install failures with error 0x80240069) that Microsoft subsequently addressed through its servicing controls. (support.microsoft.com) (bleepingcomputer.com)Why this matters now
Storage reliability is a single point of failure for most users and organizations. An OS-level change that manifests as drives disappearing mid-write is not merely a performance nuisance — it is a direct data‑integrity risk. The combination of an urgent security rollup and widespread background updates means devices recently patched are at potential risk precisely when they perform heavy write workloads (game updates, large installers, backups), which is how many users discovered the issue. Community reproductions and tech outlets picked up the initial findings within days of the KB’s rollout. (wccftech.com)What the reports show — symptoms and reproducibility
Core symptoms observed by testers
- Drives disappear from Windows (Device Manager and Disk Management: no device present) while write operations are in progress.
- SMART and controller attributes become unreadable by the OS during the failure state.
- In some cases a reboot briefly restores visibility, but the failure often recurs under the same workload and may leave behind file-system corruption.
- The trigger is described consistently as sustained sequential writes on the order of tens of gigabytes (community tests often cite ~50 GB as the threshold) and elevated controller utilization (reports note controller usage spikes above ~60%). (notebookcheck.net)
How reproducible is the issue?
Independent community testing by enthusiasts and a handful of aggregation threads show reproducible behavior on specific systems when the same write pattern is applied, but results are not universal across all models or firmware versions. The signal is strong enough that multiple outlets and communities have collated lists of candidate models and controller families, but vendor‑level telemetry and a Microsoft acknowledgement of the storage symptom set are not yet public at scale. That leaves the current state as an urgent community warning rather than a fully confirmed, vendor‑validated root cause. (notebookcheck.net)Which drives and controllers have been implicated?
Models and controllers flagged in early reports
Community lists assembled from hands‑on testing and aggregator sites include drives and controllers such as:- Phison PS5012‑E12 / Phison E16 family (examples: Corsair Force MP600, other E12‑based models), and some E31T/E21T variants.
- Kioxia Exceria Plus G4 (Phison‑based SKU variants).
- SanDisk Extreme PRO M.2 NVMe 3D (Triton MP28 controller — included in some aggregated lists).
- Fikwot FN955 and other third-party branded devices reported in initial threads.
- Additional models (WD Blue SN5000, WD Red SA500) were mentioned in follow-ups as sometimes recovering after reboot. (notebookcheck.net) (wccftech.com)
Important caveats about the model lists
- These lists are community‑compiled and unofficial. They are useful signals, not definitive diagnostic inventories. Firmware version, system firmware (BIOS/UEFI), driver stack, platform-specific NVMe driver variants, and workload patterns all influence whether a drive will fail under these conditions. Multiple sources emphasize that no single vendor or firmware uniformly accounts for every report. Treat the lists as investigation starting points rather than a final compatibility matrix.
Technical analysis — likely root causes and mechanics
Two dominant hypotheses
- Operating‑system / kernel‑level regression: a Windows kernel or driver change in how it handles buffered/sequential writes (or NVMe/HDD I/O paths) that leads to command sequences or timing that trigger latent firmware bugs in some controllers. This pattern would explain why seemingly unrelated drives from different vendors behave similarly under identical host conditions.
- Controller/firmware edge case triggered by host behavior: SSD controllers (notably some Phison families) can contain latent bugs that only manifest under specific sustained loads or host‑provided resources (e.g., Host Memory Buffer interactions for DRAM‑less drives). An update that subtly changes timing, caching, or memory allocation may push a controller into a crash or lock‑up state, causing the device to disappear from the host. Historical precedence exists for HMB‑related instability in Windows 11 24H2 rollouts (previous incidents in late 2024 and 2025 required vendor firmware fixes and Microsoft upgrade blocks).
Why SSDs can “disappear”
When a controller locks up or its firmware crashes, the NVMe device can stop responding to standard admin/scsi/PCIe queries. The operating system cannot read SMART, cannot enumerate namespaces, and will report the device as absent. From a host perspective that’s indistinguishable from a device that has been physically removed. In certain failure modes, a reboot briefly reinitializes the controller and restores access; in worse cases the controller state or firmware corruption prevents recovery without vendor intervention.HMB and DRAM‑less SSDs: why they’re sensitive
DRAM‑less controllers rely on the Host Memory Buffer to cache mapping tables. HMB tight-couples host memory allocation and controller behavior; subtle changes in how Windows assigns or uses HMB memory can expose timing or capacity bugs in firmware. Previous Windows 24H2 episodes showcased this exact coupling — firmware patches and Microsoft-side mitigations were used to restore stability. The present symptoms echo that architecture‑level fragility even if HMB is not definitively the root cause in all cases.Verification status: what’s confirmed and what remains unproven
Confirmed facts
- Microsoft released KB5063878 on August 12, 2025 (OS Build 26100.4946). The official KB page lists the update and no current known issues for storage. (support.microsoft.com)
- The same cumulative produced widely reported enterprise delivery failures (WSUS/SCCM) with error 0x80240069, which Microsoft acknowledged and mitigated. (bleepingcomputer.com)
Reported but not yet vendor‑validated
- Multiple independent community reports indicate that sustained large writes can cause drives to disappear and SMART data to be unreadable; affected models are over‑represented by Phison controller families. Those reports are corroborated by several outlets that aggregated community testing, but Microsoft and most SSD vendors had not universally confirmed a causal link when these accounts circulated. These remain high‑priority hypotheses that require vendor telemetry and Microsoft analysis to confirm root cause. (wccftech.com)
What to watch for in the coming hours/days
- Vendor firmware advisories or coordinated statements (Corsair, Phison, Kioxia, SanDisk, WD) that identify specific firmware versions or recommend mitigations.
- Microsoft Release Health / known‑issues updates that add storage symptoms to the KB entry or announce an upgrade block for certain models.
- Wider telemetry: a dramatic rise in RMA requests or vendor service bulletins would move the issue from localized anecdotes to a confirmed systemic regression.
Practical guidance — immediate steps for users and administrators
For home users and enthusiasts (short checklist)
- Back up critical data immediately to an external device or cloud. Data backups are the only guaranteed insurance against drive-level failures. Do this before performing any further writes or firmware flashes.
- If you have recently installed KB5063878 and you rely on an SSD that matches early suspect lists (Phison controllers, DRAM‑less SKUs), avoid large sustained writes (no mass game installs, large game patches, bulk copies, or large video exports) until you can confirm vendor guidance or Microsoft updates. (notebookcheck.net)
- Check your SSD vendor’s management tool for firmware updates and guidance. Do not flash firmware on a device containing critical data unless you have a verified backup and the vendor explicitly recommends the specific update.
For IT administrators and procurement teams
- Inventory: map SSD models, controller families, and firmware levels across endpoints. Prioritize identifying DRAM‑less NVMe devices or drives previously associated with 24H2 issues.
- Pause deployment: use WSUS/SCCM/MECM or MDM controls to withhold KB5063878 from at‑risk endpoints until vendor guidance is verified. Microsoft’s Known Issue Rollback (KIR) has been used previously to mitigate install regressions; apply enterprise controls prudently. (bleepingcomputer.com)
- Schedule heavy I/O tasks (imaging, large file distribution, backups) to systems not yet patched or to known‑good hardware to avoid inadvertent failures.
If a drive becomes unreadable
- Power off the host immediately. Continued power cycles or stress tests can worsen firmware corruption.
- If the data is critical, remove the drive and attach it to a quarantine system (forensic imaging recommended) rather than attempting filesystem repairs or reformatting. Imaging preserves what remains for vendor or lab analysis.
- Collect system logs (Event Viewer System/Application), capture NVMe driver logs, and note exact firmware versions and timestamps for vendor RMA. Vendors may require logs for root‑cause analysis.
Registry and HMB mitigations — approach with caution
Community‑proposed registry mitigations (disabling or limiting HMB) were used during prior 24H2 episodes to reduce risk, but they are workarounds that reduce SSD performance and are not fixes. Apply such mitigations only after lab testing and with documented rollback procedures; do not deploy them broadly without vendor and internal QA approval.Critical analysis — strengths, risks, and who bears responsibility
Strengths in the ecosystem response
- Microsoft’s servicing architecture (KIR and re‑release mechanisms) provides avenues to quickly mitigate distribution regressions in enterprise channels, as demonstrated with the WSUS/SCCM issue. Vendors can also issue targeted firmware updates when root cause points to controller firmware. (bleepingcomputer.com)
Systemic weaknesses and recurring patterns
- The Windows storage stack and modern SSD firmware interact in complex, timing‑sensitive ways. The diversity of controller implementations and firmware revisions makes exhaustive pre‑release testing practically impossible at scale; edge cases will continue to appear unless testing expands to encompass a broader set of real‑world I/O patterns. Several recent episodes (including the earlier 24H2 HMB problem) show a repeating failure mode: an OS change surfaces a latent firmware bug. That model produces difficult forensic work and a contentious blame game between OS and hardware manufacturers.
Risk to end users
- Data integrity risk is the highest impact. When drives “disappear” mid‑write, file systems can be left inconsistent. Reboots may render the drive visible again but not restore lost or corrupted files. For users without recent backups, the economic and emotional cost of data loss is high.
Who should be held accountable?
- Accountability is shared: Microsoft must validate OS‑side regressions and, where necessary, provide rapid mitigations or upgrade blocks; SSD vendors must make firmware that tolerates reasonable host behavior and publish clear firmware guidance. The most constructive path is cooperative: vendor firmware updates or a Microsoft driver/stack adjustment will likely be the technical fix, and both parties should be transparent with telemetry and guidance. Historically, that cooperative remediation model has resolved similar incidents.
What to expect next
- Vendor firmware advisories or targeted firmware updates for implicated controller families (if root cause is in firmware).
- Microsoft Release Health updates and, if necessary, an official Known Issues entry for KB5063878 that addresses storage behavior or recommends upgrade blocks for specific hardware IDs.
- Wider forensic reporting from independent storage analysts if the problem proves reproducible across a broader sample — that reporting would escalate RMA volumes and public vendor statements.
Immediate checklist (recommended actions)
- Back up critical data now to a different physical device or cloud.
- If KB5063878 is installed and you have at‑risk hardware (Phison or DRAM‑less NVMe), do not perform large sustained writes until you have vendor guidance. (notebookcheck.net)
- Check vendor firmware utilities and only apply vendor‑recommended firmware after backing up.
- Administrators: inventory and use update management tools to withhold KB5063878 from impacted fleets until validated.
- If a drive fails: power off, image the drive (for forensics), collect logs, and contact vendor support with detailed evidence.
Conclusion
The KB5063878 reports are an urgent community signal that should be treated seriously. While Microsoft’s official KB page currently lists no storage‑related known issues, independent reproductions and aggregated reporting suggest a plausible and dangerous regression that disproportionately affects certain controller families under sustained heavy writes. The responsible posture for users and IT teams is pragmatic: back up data, avoid heavy writes on recently patched systems with suspect SSDs, and wait for coordinated vendor or Microsoft guidance before resuming normal I/O patterns. Cooperative remediation between Microsoft and SSD vendors has resolved similar crises in the past; the priority now is rapid, transparent investigation and clear guidance to prevent further data loss. (support.microsoft.com) (wccftech.com)Source: igor´sLAB Windows 11 update “KB5063878” destroys SSDs: Storage error with large amounts of data, Phison controller particularly affected | igor´sLAB
