05 August 2025

Bug: Windows 11 Safe Cmd OSLoader loads Explorer.exe as shell

Using BCDEdit to /Copy {default} to two new GUIDs, setting those to Safe Mode and Safe Cmd, then adding the GUIDs to {bootmgr} via /DisplayOrder, is a great way to pause the Windows boot process at a BCD boot menu, to either power off or choose a safer option when needed.
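The setup described above, written out as an added example (not the author's own script) for an elevated PowerShell prompt. The backup path and the helper function name are assumptions; the BCD elements set are the ones visible in the listing further down.

```powershell
# Added example, not from the original post. Run from an elevated prompt.
# Export the BCD store first so the original boot menu can be restored
# with "bcdedit /import". The path is an assumed, hypothetical location.
$backup = "$env:SystemDrive\bcd-backup.bcd"
bcdedit /export $backup | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'BCD export failed (is the prompt elevated?)' }

# Hypothetical helper: copy {default} and return the new entry's GUID.
# bcdedit prints the GUID in braces on success; the braces are matched
# rather than the surrounding message, which is localized.
function Copy-DefaultLoader([string]$Description) {
    $out = bcdedit /copy '{default}' /d $Description
    if ($LASTEXITCODE -ne 0) { throw "bcdedit /copy failed: $out" }
    if ("$out" -match '\{[0-9a-fA-F-]{36}\}') { return $Matches[0] }
    throw "No GUID found in bcdedit output: $out"
}

$safeMode = Copy-DefaultLoader 'Safe Mode'
$safeCmd  = Copy-DefaultLoader 'Safe Cmd'

foreach ($id in $safeMode, $safeCmd) {
    bcdedit /set $id safeboot minimal  | Out-Null   # Safe Mode, minimal drivers
    bcdedit /set $id sos yes           | Out-Null   # show drivers as they load
    bcdedit /displayorder $id /addlast | Out-Null   # append to the {bootmgr} menu
}

# Only the Safe Cmd entry asks for the alternate shell instead of Explorer.exe.
bcdedit /set $safeCmd safebootalternateshell yes | Out-Null

# Confirm that both new entries carry the expected elements.
bcdedit /enum OSLOADER
```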

I started doing this in Windows 7 and it's worked well up until Windows 11, possibly version 24H2, where the alternate shell directive (SafeBootAlternateShell) in the Safe Cmd OSLoader is ignored, causing Explorer.exe to load as the shell instead. This may run unwanted code integrated into Explorer.exe, or cause the system to crash if something is seriously awry within the Explorer.exe shell sub-system - so advice to "just RegEdit HKLM...Winlogon, Shell and restart" won't avoid that risk.

If I navigate the BCD boot menu via the Tab key or mouse to "Change defaults or choose other options" section below the OSLoader list, and use the Boot Options there to force Cmd as shell, that works after the usual restart and boot. Command Prompt also works when selected from OSLoaders that launch a .wim via RAM Drive, e.g. the built-in WinRE or added WinPE, such as offered by Macrium Reflect, EaseUS To Do Backup, or your own "home-rolled" WinPE.

So there's something amiss with how Windows 11's pre-OS code interprets OSLoader settings to ignore the setting to use alternate shell, or something else at that fork in the BCD interpretation logic.

Here's what these OSLoaders look like, from a working Windows 10 22H2 system:

C:\WINDOWS\system32>BCDEdit /Enum OSLoader

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  en-US
inherit                 {bootloadersettings}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {<GUID1>}
nx                      OptIn
bootmenupolicy          Standard

Windows Boot Loader
-------------------
identifier              {<GUID2>}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Safe Mode
locale                  en-US
inherit                 {bootloadersettings}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {<GUID1>}
nx                      OptIn
safeboot                Minimal
bootmenupolicy          Standard
sos                     Yes

Windows Boot Loader
-------------------
identifier              {<GUID3>}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Safe Cmd
locale                  en-US
inherit                 {bootloadersettings}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {<GUID1>}
nx                      OptIn
safeboot                Minimal
bootmenupolicy          Standard
safebootalternateshell  Yes
sos                     Yes

It is the safebootalternateshell = Yes that is ignored, in Windows 11 24H2.

