A critical storage bug in Microsoft's August 2025 Patch Tuesday update for Windows 11 version 24H2 is causing NVMe and SATA SSDs to vanish mid-transfer, sometimes taking data with them. Multiple independent testers have confirmed that sustained writes of around 50GB or more can trigger the failure, leaving drives inaccessible and, in rare cases, permanently bricked. The cumulative update, tracked as KB5063878 (OS Build 26100.4946), has drawn a swift response from both Microsoft and SSD controller maker Phison, which acknowledged it is "working with partners" to understand and fix the issue.
How the Bug Surfaces
Within days of the update's release on August 12, 2025, a Japanese user known as @Necoru_cat on X (formerly Twitter) published methodical tests showing repeatable failures during large file writes. The pattern was consistent across multiple test benches and forum threads: during a sustained write, the drive would stop responding, disappear from File Explorer and Device Manager, and sometimes never reappear without vendor-level intervention. Reboots restored visibility for many drives, but files being written at the time were often corrupted or truncated.
The trigger is now well-documented. Writing files larger than roughly 50GB, especially to drives that are more than 60% full, pushes the target SSD into an unrecoverable state. The drive's SMART data becomes unreadable, and in some cases the entire drive reports as RAW or uninitialized. The issue was reproducible on SATA SSDs as well, though NVMe drives were more prominently represented in early reports.
The Timeline of a Growing Crisis
- August 12, 2025: Microsoft publishes KB5063878 for Windows 11 24H2, a security update that also fixes sign-in delays caused by certain preinstalled packages.
- Mid-August: Community test reports surface describing drives "vanishing" during sustained writes. Multiple outlets replicate the symptoms.
- August 18–20: Phison publicly acknowledges it has been made aware of "industry-wide effects" and is investigating with partners. Microsoft tells media outlets, "We're aware of these reports and are investigating with our partners."
Technical Deep Dive: Why Drives Are Disappearing
Modern SSD reliability depends on tight coordination between the operating system's storage stack and the controller firmware. The symptoms point to a workload-triggered interaction that exposes a firmware edge case—likely in how the drive handles large sequential writes when its internal caches are under pressure.
Two host-side patterns are suspected:
- Drive fill level: Drives more than 50–60% full exhibit higher failure rates, possibly because spare area and SLC cache windows shrink, increasing the burden on garbage collection and mapping-table updates.
- DRAM-less designs: Many cost-optimized SSDs omit onboard DRAM and instead use the Host Memory Buffer (HMB) to store mapping tables. If an OS update changes HMB allocation behavior—as was seen earlier in the 24H2 release cycle with certain WD drives experiencing BSODs—the controller may encounter states it cannot handle.
Sustained sequential writes push controllers into extended use of caching and background operations. When free space is limited, the controller has less headroom, raising the chance that a latent firmware bug will trigger a fatal lockup. Community tests consistently show that splitting large transfers into smaller chunks avoids the failure, confirming the workload-sensitivity of the bug.
Affected Hardware: A Murky Picture
@Necoru_cat's testing covered 21 SSDs from Samsung, WD, Seagate, Corsair, SK hynix, Crucial, Solidigm, ADATA, HP, XPG, and Hanye. Most failures were classified as "NG Lv.1"—the drive disappeared but recovered after a reboot. However, one drive, the WD Blue SA510 2TB SATA SSD, suffered "NG Lv.2" failure: even after a reboot, data was unrecoverable.
Independent reports in forums and from outlets like Tom's Hardware have expanded the list of potentially affected models to include:
- Corsair Force MP600
- SSDs using the Phison PS5012-E12 controller
- KIOXIA EXCERIA PLUS G4 and other KIOXIA M.2 SSDs
- Fikwot FN955
- SSDs using the InnoGrit controller
- Maxio SSDs
- SanDisk Extreme Pro 3D
Phison controllers appear disproportionately in these reports, which prompted the company's public statement. However, it's crucial to understand that these are early, community-sourced leads, not an official definitive list. Firmware revision, drive capacity, and host hardware all affect reproducibility. The appearance of other controller families and even a few HDD reports suggests the root cause may not be limited to a single silicon design.
Vendor Responses
Phison's August 19 statement was direct: "Phison has recently been made aware of the industry-wide effects of the 'KB5063878' and 'KB5062660' updates on Windows 11 that potentially impacted several storage devices, including some supported by Phison. We understand the disruption this may have caused and promptly engaged industry stakeholders. ... At this time, the controllers that may have been affected are under review and we are working with partners."
Microsoft's acknowledgment was more guarded, but the public request for feedback through official channels and the engagement with Phison signal that a fix is in the works. Notably, as of late August 2025, no storage-related known issues were listed in the KB article, a gap that has fueled community-led investigations.
Risk Assessment: What's at Stake
The immediate danger is data loss. Files being written when the failure hits can become corrupted or truncated. In rare cases, the drive itself may become permanently inaccessible, requiring vendor recovery or replacement. For enterprise environments that deploy patches broadly without staging rings, a fleet-wide storage meltdown is a credible nightmare scenario.
Beyond individual data integrity, the incident erodes trust in automatic patching. When a monthly security update can trigger hardware-level failures, users may delay critical fixes, increasing overall vulnerability. The communication gap—no official list of affected drives and a slow response—only deepens the frustration.
How to Protect Your System Right Now
Backup immediately. Follow the 3-2-1 rule: three copies of your data, on two different types of media, with one off-site. A cloud backup alongside an external SSD is a practical modern implementation.
Avoid large sequential writes on systems that have installed KB5063878 or the preview KB5062660. Game installations, mass media transfers, and archive extractions should be split into smaller chunks or throttled until a fix arrives. Testing shows that smaller I/O operations are far less likely to trigger the bug.
For system administrators:
- Pause broad deployment of the August 2025 updates using WSUS, SCCM, or other management tools.
- Stage the update on a representative sample of hardware and monitor for storage anomalies.
- Identify endpoints with at-risk SSD models (especially those with Phison controllers) and prioritize them for rollback or exclusion.
- Coordinate with storage and firmware vendors for validated firmware updates before rolling out any OS updates.
Recovery Steps If a Drive Disappears
- Stop all activity immediately. Do not attempt further writes to the affected drive.
- Power off the system. If data is valuable, create a forensic image of the drive using tools like
dd(with extreme caution) before any recovery attempts. - Attempt safe re-enumeration. Reseat the drive, test on a different host, or use vendor software to query SMART. If the drive reappears, copy critical data off immediately.
- If the drive remains inaccessible, contact the SSD vendor. They can advise on firmware reflashes, low-level recovery, or RMA. Do not attempt unsanctioned low-level operations, as they may void warranties.
- For drives that recover after a reboot, treat all files written during the failure window as suspect. Verify checksums or re-download data when possible. Consider reformatting after imaging, if the vendor recommends it.
Broader Implications and Lessons
This incident underscores a perennial truth: modern storage is a co-engineered system where even a small host-side change can expose latent firmware edge cases. The tighter the integration—especially with HMB in DRAM-less SSDs—the greater the potential for fragile interactions. It's a stark reminder that vendor-signed updates are no guarantee against hardware regressions.
Communication matters. Timely, transparent advisories with clear lists of affected controller families and firmware versions are essential to prevent panic and unnecessary RMAs. While community testing has been invaluable for rapid triage, it cannot substitute for vendor telemetry and validated fixes. The industry would do well to establish better pathways for such outbreaks, perhaps through coordinated release health dashboards.
What Comes Next
Both Microsoft and Phison are investigating. The most likely remediation path is a firmware update from SSD vendors, distributed through OEM channels and vendor toolboxes. Microsoft may also issue a Release Health note for KB5063878, documenting the issue and offering mitigation guidance. In the meantime, the community's methodical reproductions have forced the industry's hand, and that pressure will almost certainly accelerate the fix process.
For now, the pragmatic defense remains conservative: back up everything, stage updates carefully, and keep those large file transfers on hold. When your SSD's very existence depends on the next Patch Tuesday, a little caution goes a long way.