A Windows 11 cumulative update released on August 12, 2025, is triggering a serious storage regression: certain NVMe SSDs vanish from the system when subjected to sustained heavy write workloads. The update, KB5063878 (OS Build 26100.4946) for Windows 11 version 24H2, was intended to deliver security and quality fixes, but within days, community testers and independent labs independently reproduced a failure where drives disappear mid-transfer, often around the 50 GB mark. Phison, a leading SSD controller designer, has publicly acknowledged the issue and is investigating, confirming that this is not an isolated anomaly but a potentially widespread firmware interaction problem.
Microsoft's KB article initially listed only standard fixes without mentioning any storage-device failures. However, a surge of user reports and controlled tests has forced the issue into the spotlight. The failure is specific: during large, sequential writes—such as game installs, bulk backups, or archive extractions—the SSD abruptly stops responding, vanishes from File Explorer, Device Manager, and Disk Management, and often becomes inaccessible even after a reboot. In some cases, files written during the failure are corrupted or lost entirely, and partitions can go missing.
What Users and Testers Are Reporting
Multiple independent outlets and community members have converged on a consistent symptom cluster. The failure almost always occurs during sustained, sequential writes in the tens of gigabytes. Reports commonly cite a threshold near 50 GB, where the drive’s controller utilization spikes and the drive disconnects. After the disappearance, vendor utilities cannot read SMART data, and the drive may not be detected in the BIOS. A reboot sometimes restores temporary visibility, but the data written in that session is often unrecoverable.
The workload trigger is consistently reproducible in lab settings. Igor’s Lab, Guru3D, Notebookcheck, and gHacks have all published reproduction steps and model lists. The failure is not universal; many popular drives remain unaffected under identical workloads, which suggests a precise interaction between the update and specific controller firmware.
Drives and Controllers Implicated
Community compilations, while not vendor-confirmed, point to a cluster of models that appear vulnerable. Frequently mentioned drives include:
- Corsair MP600 and MP510
- Kioxia Exceria Plus G4
- SanDisk Extreme Pro M.2
- Crucial P3 Plus
- Certain WD Blue/SA series units
- Various OEM drives based on Phison PS5012-E12 and similar controllers
Conversely, drives like Samsung 990 PRO, Samsung 980 PRO, Solidigm P44 Pro, and WD Black SN7100 have been reported as unaffected in the same test rigs. It is crucial to note that firmware revisions, motherboard BIOS versions, and storage drivers can all alter exposure. No single definitive “affected models” bulletin exists from a primary vendor at this time.
Technical Analysis: Host-Firmware Interaction Under the Microscope
The failure fingerprint—a mid-write disappearance, unreadable SMART data, and potential data corruption—points strongly to a controller hang or lockup at the NVMe level. This is not a simple hardware failure but a likely consequence of a regression in the OS storage stack interacting with controller firmware.
Three technical hypotheses currently explain the phenomenon:
- Host Memory Buffer (HMB) Allocation Regression: Many of the affected SSDs are DRAM-less and rely on HMB to borrow host RAM for mapping tables. If the Windows update altered HMB allocation size, timing, or memory behavior, it could expose latent firmware bugs that only manifest under prolonged stress. Earlier Windows 11 24H2 updates changed HMB behavior and caused BSOD loops on certain WD/SanDisk models until firmware fixes were deployed.
- Driver Timing / Command Queue Regression: The update may have introduced subtle changes to NVMe driver timing, command sequencing, or completion handling. Some controllers could encounter a race condition or resource exhaustion that causes an unrecoverable hang. The mid-write disappearance and unreadable SMART data are classic signs of a controller that has stopped responding to the host.
- Firmware Bug Triggered by New I/O Profile: In this scenario, the update is a trigger, not the root cause. Vulnerable firmware always had a latent bug, but typical OS behavior rarely exposed it until this specific workload and timing combination appeared. This model fits cases where only certain firmware versions are affected and vendor firmware fixes resolve the issue.
Determining which hypothesis (or combination) is responsible requires vendor telemetry and controlled PCIe/NVMe captures. Community reproductions have provided credible trigger profiles, accelerating vendor root-cause efforts.
Vendor and Microsoft Responses
Phison publicly acknowledged being “made aware” of the industry-wide effects of KB5063878 and KB5062660, stating that affected controllers are under review and that it will provide updates and advisories to partners. This statement adds significant credibility to the community findings but stops short of assigning blame or specifying a fix timeline.
Microsoft has not yet updated the official KB article to list a known issue for storage regressions. Historically, Microsoft addresses critical regressions either through Known Issue Rollbacks (KIRs) or coordinated vendor firmware releases. Whether a KIR or guidance will appear for this cluster depends on telemetry and vendor fixes.
Other SSD vendors have remained largely silent, though some advisories suggest users check for firmware updates and avoid heavy writes until guidance arrives. The situation is evolving, and enterprise administrators should monitor Microsoft’s Release Health dashboard and vendor support channels.
Risk Assessment and Practical Guidance
Short-term risk: Localized but real. Users performing heavy writes on affected controller/firmware combinations face data corruption and potential data loss. Reboot often restores drive visibility but not data integrity.
Medium-term: The most likely resolution path involves vendor firmware fixes and potential Microsoft rollout controls. Phison’s engagement indicates collaborative remediation is underway.
Long-term systemic risk: Low for the global installed base unless telemetry shows a mass outage. The primary danger remains data integrity during affected writes.
Immediate Steps for Windows Users and Administrators
- Back up critical data to an independent device or cloud immediately. This is the only reliable protection against mid-write corruption.
- Delay installing KB5063878 if your workflow includes large sequential writes (game installs, media projects, cloning, backups) and you have not yet updated. Stage the update in a test environment that mirrors your storage hardware.
- Avoid sustained sequential writes exceeding 50 GB on drives you suspect may be vulnerable until firmware status and vendor guidance are confirmed.
- Check vendor update utilities (Corsair iCUE, SanDisk Dashboard, Kioxia tool, WD Dashboard) and apply firmware only if vendor-recommended and after backing up data. Do not flash firmware blindly.
- For managed environments: Use WSUS, SCCM, or MDM controls to block or stage KB5063878 until validated. Microsoft may issue a Known Issue Rollback; monitor for it.
- If a drive becomes inaccessible: Stop writing to the drive, capture Event Viewer and NVMe logs, image the drive for recovery (professional services recommended for critical data), and contact vendor support for diagnostics/RMA. Avoid repair or reformat attempts until you have an image if data is critical.
Treating Model Lists with Caution
Community “hit lists” are investigatory leads, not vendor confirmations. They are useful for triage but not definitive. Cross-validate: if a model appears on multiple independent lists (Igor’s Lab, Notebookcheck, gHacks), prioritize testing it in your staging environment. If only a single tester reports a model, consider it lower confidence. Check firmware dates and motherboard BIOS versions; a newer controller firmware may already include a fix.
The Broader Picture: Quality Control and Coordination
This incident highlights a recurring pain point in the Windows ecosystem: security updates that inadvertently destabilize hardware through untested interactions with third-party firmware. The collateral damage for end users can be severe: data loss, reinstallation, and downtime. For Microsoft, it is another example of patch reliability coming under scrutiny. For storage manufacturers, it is a reminder that firmware must be robust against even unexpected OS-level changes.
Yet, the coordinated response from community testers, independent labs, and a major controller vendor demonstrates the strength of a vigilant enthusiast community. Their work in identifying and reproducing the failure has provided the evidence needed to push for a fix. The next critical signals to watch are a formal Microsoft Release Health update acknowledging the regression, a detailed Phison advisory listing affected controller models and fixed firmware revisions, and any independent telemetry confirming mass failures.
Until then, the prudent course is clear: protect your data, delay risky updates, and monitor authoritative sources. The storage regression is genuine, actionable, and limited in scope—but for those affected, it can be catastrophic. Backups and cautious deployment remain your best defense.