On July 8, 2025, Microsoft released the KB5062554 cumulative update for Windows 10, targeting versions 21H2, 22H2, Windows 10 Enterprise LTSC 2021, and Windows 10 IoT Enterprise LTSC 2021. This update, corresponding to OS Builds 19044.6093 and 19045.6093, introduces critical security patches and quality enhancements aimed at improving system stability and performance. Additionally, Microsoft has provided a servicing stack update (KB5063706) to bolster the reliability of the update process.
Key Details of the Update
The KB5062554 update addresses a total of 130 vulnerabilities, categorized as follows:
– 41 Remote Code Execution vulnerabilities
– 53 Elevation of Privilege vulnerabilities
– 18 Information Disclosure vulnerabilities
– 5 Denial of Service vulnerabilities
– 4 Spoofing vulnerabilities
– 1 Data Tampering vulnerability
– 8 Security Feature Bypass issues
These security improvements are designed to fortify the Windows operating system against potential threats and exploits.
Security and Quality Enhancements
Incorporating fixes from previous updates, KB5062554 includes:
– June 10, 2025—KB5060533 (OS Builds 19044.5965 and 19045.5965)
– June 24, 2025—KB5061087 (OS Build 19045.6034, Preview)
While specific issues are not detailed in the release notes, Microsoft emphasizes that this update brings miscellaneous security improvements to internal Windows OS functionality. Users are encouraged to consult the Microsoft Security Response Center (MSRC) Security Update Guide for comprehensive information on the addressed vulnerabilities.
Windows Secure Boot Certificate Expiration
An important notice accompanies this update regarding Secure Boot certificates, which are set to expire starting in June 2026 for most Windows devices. Failure to update these certificates may disrupt the secure boot process on both personal and business devices. Microsoft advises users to review the guidance on Windows Secure Boot certificate expiration and Certificate Authority (CA) updates to proactively update certificates and prevent potential issues.
Servicing Stack Update
The update includes a servicing stack update (SSU) for OS Builds 19044.6088 and 19045.6088. The SSU enhances the reliability of the update process, mitigating potential installation issues. Microsoft now combines the latest SSU with the cumulative update (LCU) to streamline deployment.
Known Issues
Microsoft has identified a known issue related to Noto fonts, particularly affecting the clarity of Chinese, Japanese, and Korean (CJK) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. This issue arises due to limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves clarity by enhancing text rendering. Microsoft has shared its findings on the blurry text issue at 96 DPI, along with potential solutions with Google for further discussion. For additional support, users can report issues related to Noto CJK fonts through the official Google Noto Fonts GitHub repository.
How to Obtain the Update
Users can acquire the KB5062554 update through the following methods:
– Windows Update: Devices connected to Windows Update will automatically download and install the update.
– Microsoft Update Catalog: Users can manually download the standalone package from the Microsoft Update Catalog.
– Windows Server Update Services (WSUS): For enterprise deployments, the update is available via WSUS.
Prerequisites
For devices without the May 11, 2021 (KB5003173) or later LCU, the standalone August 10, 2021 SSU (KB5005260) must be installed first.
For offline OS image servicing, if the image lacks the July 25, 2023 (KB5028244) or later LCU, the standalone October 13, 2023 SSU (KB5031539) must be installed before applying this update.
Conclusion
Microsoft strongly recommends that users install the KB5062554 update promptly to ensure their systems are protected against the latest security vulnerabilities and to benefit from quality improvements. For detailed information on the update, including vulnerability details, users can refer to the MSRC Security Update Guide or the Windows 10, version 22H2 update history page.
