KB5060533: Overview with user sentiment and feedback

Overview

KB5060533 is a security update released on June 10, 2025, for Windows 10 version 22H2 and related systems (OS Builds 19044.5965 and 19045.5965). This update applies to Windows 10 Enterprise LTSC 2021, Windows 10 IoT Enterprise LTSC 2021, and Windows 10 version 22H2 (all editions). It's part of Microsoft's regular monthly security update cycle, containing miscellaneous security improvements to internal Windows OS functionality.The update is cumulative, meaning it includes all previous fixes from earlier updates released in May 2025, including several out-of-band updates. Microsoft has combined the latest servicing stack update (SSU KB5059504) with this cumulative update to improve the reliability of the update process and mitigate potential issues during installation.It's important to note that this update has several known issues affecting specific device types and deployment scenarios, most notably causing boot failures on Surface Hub v1 devices. Microsoft has advised Surface Hub v1 users not to install this update and instead use KB5063159 as a replacement.

General Purpose

The primary purpose of KB5060533 is to address security vulnerabilities and provide quality improvements to Windows 10 systems. While Microsoft doesn't document specific issues addressed in this release, the update contains miscellaneous security improvements to internal Windows OS functionality. This is part of Microsoft's ongoing commitment to maintaining the security posture of Windows 10 as it approaches its end-of-support date in October 2025.The update includes the latest servicing stack components (KB5059504 - versions 19044.5911 and 19045.5911), which are critical for ensuring the reliability of future update installations. The servicing stack is the component responsible for installing Windows updates, and improvements to this component help mitigate potential issues during the update process.For organizations using Windows Server Update Services (WSUS) or deploying the standalone package from Microsoft Update Catalog, Microsoft provides specific prerequisites depending on the installation scenario. This ensures compatibility and proper installation across various deployment methods.

General Sentiment

The general sentiment toward KB5060533 appears to be cautious. While the update provides necessary security improvements, there are several known issues that may impact specific user groups. Most notably, Surface Hub v1 devices experience critical boot failures after installing this update, with users reporting "Secure Boot Violation" errors that prevent devices from starting. Microsoft acknowledged this issue and released a mitigation on July 11, 2025, to prevent additional Surface Hub v1 devices from encountering the problem.There are also reports from regular Windows 10 users experiencing startup problems after installing what they believe to be this update. Some users on Microsoft Q&A forums have reported that their Fujitsu Esprimo computers running Windows 10 no longer start properly after the update, only showing the manufacturer logo during boot.Additionally, organizations using quality update deferral policies may experience delays in receiving this update due to a metadata timestamp discrepancy, which could affect deployment planning. While Microsoft has provided workarounds for this issue, they have stated they will not change the metadata value, potentially complicating update management for some organizations.

Known Issues

• Surface Hub v1 devices may fail to start with error: "Secure Boot Violation: Invalid signature detected. Check Secure Boot Policy in Setup" after installing this update (Surface Hub 2S and 3 are not affected) Some users with Fujitsu Esprimo computers report boot failures where systems only display the manufacturer logo Blurry or unclear CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100% scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome Update deployment delays for organizations using quality update (QU) deferral policies due to metadata timestamp discrepancy (update released June 10, 2025, but metadata shows June 20, 2025) Microsoft has released KB5063159 as a fix for the Surface Hub v1 boot issue

Disclaimer: We take measures to ensure that AI-generated content is of the highest possible quality, but we cannot guarantee its accuracy and recommend that users do their own independent research. Generated on 2025-07-30 09:21 AM

Back to Knowledge Base Catalog