June 2025 Microsoft Updates
Windows 10, version 22H2 - June 10, 2025—KB5060533 (OS Builds 19044.5965 and 19045.5965)
[Built-in Windows OS] This update includes several security improvements to built-in Windows OS functionality.
Known issues in this update
There are reports of blurry or fuzzy CJK (Chinese, Japanese, Korean) text when Noto fonts are displayed at 96 DPI (100 percent scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The March 2025 Preview Update introduced Noto fonts in collaboration with Google for CJK languages to improve text rendering when websites or apps do not specify the appropriate fonts. The issue is due to the limited pixel density at 96 DPI, which can reduce the clarity and alignment of CJK characters. Increasing the display scaling improves text rendering, increasing clarity. Workaround: To improve text clarity, increase your display scaling to 125% or 150%. For more information, see Change your screen resolution and layout in Windows.
After installing the Surface Hub v1
Update, Surface Hub v1 devices may fail to start with the error, “Secure Boot Violation: Invalid signature detected. Check Secure Boot Policy in setup.” Surface Hub 2S and Surface Hub 3 are not affected by this issue. Solution This issue is addressed in the KB5063159 update.
Windows 10, version 22H2 - June 16, 2025—KB5063159 (OS Build 19045.5968) Out-of-band
This update includes fixes and quality improvements from KB5060533 (June 10, 2025).
Surface Hub v1
Addresses an issue where Surface Hub v1 devices failed to launch. On June 11, 2025, KB5060533 was paused for Surface Hub v1 devices to prevent new devices from experiencing this error. This out-of-band update is being offered only to Surface Hub v1 devices in place of KB5060533. If previous updates are installed, only what's new in this package will be downloaded.
Known issues in this update
CJK characters may appear blurry when Noto fonts are displayed at 96 DPI in Chromium-based browsers (Edge, Chrome).
Workaround:
Sharpness can be improved by scaling the display to 125% or 150%. See the changing screen resolution documentation for details.
Windows 10, version 1809, Windows Server, version 1809, and Windows Server 2019 - June 10, 2025—KB5060531 (OS Build 17763.7434)
[GDI and GDI+] Fixed: Some characters were rendered wide and the sample paragraph was corrupted.
[Windows Hello] Fixed an issue: Signing in with self-signed certificates with the Key Trust model was blocked.
Known issues in this update
DHCP Server service
After the update, the DHCP service may occasionally become unresponsive. This may affect IP renewal on clients.
Windows 10, version 1607 and Windows Server 2016 - June 10, 2025—KB5061010 (OS Build 14393.8148)
[Cloud Infrastructure] Fixed issue: Remote Web Access (RWA) caused connections to behave erratically.
[Windows Hello] Fixed issue: Fixed the issue of signing in with self-signed certificates.
Known issues in this update
DHCP Server service
After the update, the DHCP service may occasionally become unresponsive. This may affect IP renewal on clients.
Windows 10 (initial version released July 2015) - June 10, 2025—KB5060998 (OS Build 10240.21034)
[Built-in Windows OS] This update includes security improvements to system functionality.
Known issues in this update
There are currently no issues reported with this update.
Windows 11, version 24H2 - June 11, 2025—KB5063060 (OS Build 26100.4351) Out-of-band
[Fix for incompatibility issue with Easy Anti-Cheat] This update addresses an incompatibility issue where Windows may unexpectedly restart when opening games that use the Easy Anti-Cheat service. Easy Anti-Cheat is automatically installed with certain games to improve security and prevent cheating in multiplayer online PC games.
Note: Windows users likely haven't encountered this issue because the update causing the incompatibility issue (KB506842) wasn't rolled out to devices with Easy Anti-Cheat installed.
Known issues in this update
There are reports of blurry or indistinct CJK (Chinese, Japanese, Korean) text when displayed at 96 DPI (100 percent scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. With the March 2025 Preview Update, Noto fonts were introduced for CJK languages in collaboration with Google. This font aims to improve text rendering when websites or apps don't specify a suitable font. However, due to the limited pixel density at 96 DPI, clarity and alignment issues may occur.
Workaround
You can increase text rendering clarity by increasing the display scaling to 125% or 150%.
Windows 11, version 23H2 - June 10, 2025—KB5060999 (OS Builds 22621.5472 and 22631.5472)
This update fixes security vulnerabilities in your Windows operating system.
Windows 11, version 23H2
Important: To upgrade to this version, EKB KB5027397 must be used.
This security update includes the following quality improvements:
- This version includes all the improvements in Windows 11 version 22H2.
- There are no additional issues documented in this release.
Windows 11, version 22H2
This security update includes the improvements included in KB5058502 (May 27, 2025). The following summary lists the key issues addressed in this update:
[Graphics] Fixed: Some users were unable to connect successfully using Remote Desktop and received errors such as "The Remote Desktop Services session has ended" or "The remote desktop connection cannot be established." This issue has been addressed.
Known issues in this update
There are reports of blurry or indistinct CJK text when Noto fonts are displayed at 96 DPI (100 percent scaling) in Chromium-based browsers such as Microsoft Edge and Google Chrome. The issue occurs because the 96 DPI limitations of Noto fonts introduced in the March 2025 Preview Update negatively impact character clarity and alignment.
Workaround
You can increase text rendering clarity by increasing the display scaling to 125% or 150%.
Windows Server 2025 - June 10, 2025—KB5060842 (OS Build 26100.4349)
[Narrator] New features Added new functions to Narrator browsing mode:
n: Jumps to the next text from a link.
,: Jumps to the beginning of an item (e.g., large table, long list).
.: Jumps to the end of an item.
l: Provides quick access to a list in a document or webpage. To open Scan mode: Caps Lock + Spacebar. To launch Narrator: Windows logo key + Ctrl + Enter.
[Daylight saving time (DST)] Supports daylight saving time (DST) changes in Paraguay.
[File Explorer]
· Improved performance when opening folders containing large numbers of media files.
Fixed the issue where sometimes the location was not navigated when entering a URL in the address bar.
Fixed the issue where the address bar would overlap files in F11 full screen mode.
Fixed the issue where the context menu was slow to open when right-clicking on cloud files.
· Thumbnails of cloud files are now displayed more consistently in search results.
[GDI+] Fixed the issue where colors were distorted when the image was downscaled with GDI+.
[Get Help app] Fixed the issue where the application could not be opened on Windows Server 2025.
[Hyper-V] Fixed the error “Could not load Newtonsoft.Json file or assembly” during Quick Build.
[Live subtitles] Fixed the issue where the subtitle window was not displayed when the external monitor was disconnected.
[Mouse] Fixed the issue where custom colors selected in Accessibility > Mouse pointer and touch settings would turn white after UAC.
[Open Secure Shell (OpenSSH) (known issue)] The service was failing to start, resulting in dropped SSH connections. sshd.exe had to be started manually. This issue has been fixed.
[Remote Desktop]
Fixed rendering issues when connected to certain devices.
Fixed the unresponsiveness issue.
[Scanners] Fixed the issue where some applications could not detect that the scanner was available when the scanner was connected.
[Start menu] Fixed the color distortion in the account menu when dark and light theme is mixed.
[Task Manager] Fixed the issue of detecting HDD as SSD.
[Windows Hello] Addressed an issue where self-signed certificates were rejected when signing in with the Key Trust model.
Known issues in this update
CJK characters (Chinese, Japanese, Korean) may appear blurry at 96 DPI in Chromium-based browsers with Noto fonts. The problem occurs when the fonts are not specified properly and the screen density is insufficient.
Workaround
Screen scaling can be set to 125% or 150%. For details, refer to the "Change your screen resolution and layout in Windows" help page.
DHCP Server service
After installing this security update, the DHCP service may intermittently stop responding. This may affect IP renewal processes on clients.
Windows Server 2022 - June 10, 2025—KB5060526 (OS Build 20348.3807)
[Graphics] Fixed the issue of characters appearing too wide and paragraph distortion in the font preview area.
Fixed an issue where some extended Chinese characters in the GB18030-2022 character set were not displayed.
[Memory leak] Fixed an issue in Login Service that caused a memory leak and impacted performance (multi-user and multi-language sessions).
[Settings] Fixed the issue where the system would constantly restart and enter repair mode when the "Prohibit Access to Control Panel and PC Settings" policy was enabled.
[Windows Hello] Fixed an issue where signing in with self-signed certificates using the Key Trust model was not possible.
Known issues in this update
DHCP Server service
The DHCP service may fail to respond occasionally. This may affect IP renewal.
Windows Server, version 23H2 - June 10, 2025—KB5060118 (OS Build 25398.1665)
[Graphics] Fixed an issue where some characters in the font preview area appeared too wide.
[Memory leak] Fixed an issue where memory consumption would increase continuously in multi-user, multi-language, and remote desktop environments.
[Windows Hello] This update addresses an issue that prevents users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.
Known issues in this update
There are currently no issues reported with this update.
Windows Server 2012 - June 10, 2025—KB5061059 (Monthly Rollup)
[Built-in Windows OS] Includes various security improvements to built-in Windows OS functionality. No additional issues have been documented for this release.
Known issues in this update
There are currently no issues reported with this update.
End of support information
Support for Windows Server 2012 will end in October 2026.
Windows Server 2012 R2 ESU - June 10, 2025—KB5061018 (Monthly Rollup)
[Built-in Windows OS] Includes various security improvements to built-in Windows OS functionality. No additional issues have been documented for this release.
Known issues in this update
There are currently no issues reported with this update.
End of support information
Support for Windows Server 2012 R2 will end in October 2026.
Windows Server 2008 Premium Assurance - June 10, 2025—KB5061026 (Monthly Rollup)
[Built-in Windows OS] Includes various security improvements to built-in Windows OS functionality. No additional issues have been documented for this release.
Known issues in this update
Upon restarting after an update, you may receive the following error:
“Failed to configure Windows updates. Reversing changes. Do not turn off your computer.”
This update may appear as failed in Update History.
Workaround
This behavior is expected in the following cases:
- If an unsupported version of ESU has been installed (see KB4497181).
- If the ESU MAK key is installed but not activated.
If you have the key, verify that all prerequisites are met and that the key is active. For details, see the blog post "How to Get Extended Security Updates for Eligible Windows Devices" and the "How to get this update" section of that article.
Windows Server 2008 Premium Assurance - June 10, 2025—KB5061072 (Security-only update)
[Built-in Windows OS] Includes various security improvements to built-in Windows OS functionality. No additional issues have been documented for this release.
Known issues in this update
After updating, you may receive the following error:
"Failed to configure Windows updates. Reverting changes."
Workaround:
- The non-ESU version may have been installed.
- The same situation may occur if the ESU MAK key is not enabled.
Windows Server 2008 R2 Premium Assurance - June 10, 2025—KB5061078 (Monthly Rollup)
[Built-in Windows OS] Includes various security improvements to built-in Windows OS functionality. No additional issues have been reported.
Known issues in this update
There are currently no issues reported with this update.
End of support information
Windows Server 2008 R2 Premium Assurance will expire on January 13, 2026.
Windows Server 2008 R2 Premium Assurance - June 10, 2025—KB5061036 (Security-only update)
[Built-in Windows Operating System] This update, which includes various improvements in terms of security, does not contain any other problems.
Known issues in this update
There are currently no issues reported with this update.
End of support information
Windows Server 2008 R2 Premium Assurance will expire on January 13, 2026.
Windows 11, version 24H2 Enterprise LTSC 2024 - June 10, 2025—Hotpatch KB5060841 (OS Build 26100.4270)
After the June 2025 security update, system restore points will be stored for 60 days. You can use the "Turn on System Restore" option to restore. This 60-day limit will remain in effect for future releases.
Windows Server 2025 Datacenter Azure Edition - June 10, 2025—Hotpatch KB5060841 (OS Build 26100.4270)
Windows Server 2025 will retain restore points for 60 days after the June 2025 security update. Restores can be performed using "Open System Restore." Points older than 60 days will be deleted.
Windows Server 2022 Datacenter: Azure Edition - June 10, 2025—Hotpatch KB5060525 (OS Build 20348.3745)
Various security improvements have been made to internal operating system functionality. There are no additional documented issues for this release.
.NET 9.0 Update - June 10, 2025 (KB5061936)
.NET 9.0 has been updated to the latest update, effective June 10, 2025. This update includes both security and non-security fixes. .NET 9.0 servicing updates are upgrades. The latest servicing update for 9.0 will remove the previous 9.0 update after a successful installation.
Restart Required
After you apply this update, you may need to restart the computer if the affected files are in use.
.NET 8.0 Update - June 10, 2025 (KB5061935)
.NET 8.0 has been updated with the latest update as of June 10, 2025. This update includes both security and non-security fixes. .NET 8.0 servicing updates are upgrades. The latest servicing update for 8.0 will remove the previous 8.0 update after a successful installation.
Restart Required
After you apply this update, you may need to restart the computer if the affected files are in use.
Description of the security update for Office 2016: June 10, 2025 (KB5002730)
This security update resolves a Microsoft Office remote code execution vulnerability.
Note: To apply this security update, you must have Microsoft Office 2016 installed on your computer.
For more information;
Click here
Description of the security update for Office 2016: June 10, 2025 (KB5002616)
This security update resolves a Microsoft Office remote code execution vulnerability.
Note: To apply this security update, you must have Microsoft Office 2016 installed on your computer.
Description of the security update for Excel 2016: June 10, 2025 (KB5002735)
This security update resolves a Microsoft Excel remote code execution vulnerability.
Note: To apply this security update, you must have Excel 2016 installed on your computer.
Known issues in this update
If you try to open an Excel workbook from outside Excel whose file name contains square brackets ( [ ] ), you receive the following error message:
The file could not be accessed. Try one of the following: • Make sure the specified folder exists • Make sure the folder containing the file is not read-only. • Make sure the file name and folder path do not contain any of the following characters: < > ? [ ] : | or * • Make sure the file name and folder path do not exceed 218 characters.
Solution:
In File Explorer, rename the file by removing the square brackets.
Note: Although you can open these types of files with the Open command in Excel, we do not recommend this method.
Description of the security update for Word 2016: June 10, 2025 (KB5002710)
This security update resolves a Microsoft Word remote code execution vulnerability.
Note: To apply this security update, you must have Microsoft Word 2016 installed on your computer.
For more information;
Click hereDescription of the security update for Outlook 2016: June 10, 2025 (KB5002683)
This security update resolves a Microsoft SharePoint Server remote code execution vulnerability.
Notes:
- This is version 16.0.18526.20396 of the security update package.
- To apply this security update, you must have the release version of Microsoft SharePoint Server Subscription Edition installed on your computer.
Improvements and fixes
This security update includes improvements and fixes for the following non-security issues in SharePoint Server Subscription Edition:
- Provides a setting to hide the command bar in the list web part.
- To support GraphEndpointHost configuration, please download the latest version of the Onboard-CloudHybridSearch-SPOONS.ps1 script to try this update.
- Requires customers to use the new hybrid search endpoint.
- Fixes an issue in which you receive the following error message when you try to call EndExecuteNonQuery multiple times in a concurrent SQL session;
The 'EndExecuteNonQuery' method cannot be called more than once for the same execution. - Fixes an issue in which you receive the following error message when you upload the search schema from the SharePoint Central Administration page:
The server tag is not well formed; - Addresses an issue where the Attachments Boolean property is no longer returned when calling the SharePoint Lists REST API.
- Fixes an issue where the spinning circle in the Share Site dialog box does not disappear when you share a site from the home page.
- Fixes an encoding issue that causes mojibake when you download folders containing traditional Chinese characters.
- Fixes a SQL connection string compatibility issue between System.Data.SqlClient and Microsoft.Data.SqlClient.
- Fixes an issue that causes the text web part to not display bold text after the Microsoft Edge 135 update.
- Fixes an issue that causes the Distributed Cache service to fail to start after slipstream installations.
- Fixes an issue where the search box was not aligned on contact sites.
Known issues in this update
The flight of the new Hybrid Search feature in the Standard release ring was not successfully enabled in the May update. To enable this feature, please contact support and inquire about a workaround. This issue will be fixed in the July update.
Description of the security update for SharePoint Server 2019: June 10, 2025 (KB5002729)
This security update resolves the Microsoft SharePoint Server remote code execution vulnerability and the Microsoft Word remote code execution vulnerability.
Notes:
- This is version 16.0.10417.20018 of the security update package.
- To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed on your computer.
Improvements and fixes
This security update includes a fix for the following non-security issue in SharePoint Server 2019:
- Fixes an issue that causes the Distributed Cache service to fail to start after slipstream installation.
This security update also includes a fix for Project Server:
- Fixes an issue where selected view properties, such as filter and group settings, are not preserved when the page is refreshed or the user navigates to a different page. This issue occurs in Project Server Subscription Edition and Project Server 2019. This behavior differs from the behavior in Project Server 2016, which causes the user's page settings and feature preferences to persist.
Description of the security update for SharePoint Server 2019 Language Pack: June 10, 2025 (KB5002727)
This security update resolves a Microsoft Word remote code execution vulnerability.
Notes:
- This is version 16.0.10417.20018 of the security update package.
- To apply this security update, you must have the release version of Microsoft SharePoint Server 2019 installed on your computer.
Description of the security update for SharePoint Enterprise Server 2016: June 10, 2025 (KB5002732)
This security update resolves a Microsoft Word remote code execution vulnerability.
Notes:
- This is version 16.0.5504.1001 of the security update package.
- To apply this security update, you must have the release version of Microsoft SharePoint Enterprise Server 2016 installed on your computer.
This public update introduces Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 includes the following feature:
- SharePoint Framework (SPFx)
This public update also introduces all the features that are included in Feature Pack 1 for SharePoint Server 2016:
- Administrative Actions Diary
- MinRole improvements
- SharePoint Custom Tiles
- Hybrid Taxonomy
- SharePoint on-premises OneDrive API
- OneDrive for Business modern user experience (available to Software Assurance customers)
The OneDrive for Business modern user experience requires an active Software Assurance agreement when the experience is enabled, either through installation of a public update or manual activation. If you don't have an active Software Assurance agreement at the time of activation, you must turn off the OneDrive for Business modern user experience.
Improvements and fixes
This security update includes a fix for the following non-security issue in SharePoint Enterprise Server 2016:
- Fixes an issue that causes the Distributed Cache service to fail to start after slipstream installations.
For more information;
Click here
Description of the security update for SharePoint Enterprise Server 2016 Language Pack: June 10, 2025 (KB5002731)
This security update resolves a Microsoft Word remote code execution vulnerability.
Notes:
- This is version 16.0.5504.1001 of the security update package.
- To apply this security update, you must have the release version of Microsoft SharePoint Enterprise Server 2016 installed on your computer.
This public update introduces Feature Pack 2 for SharePoint Server 2016. Feature Pack 2 includes the following feature:
- SharePoint Framework (SPFx)
This public update also delivers all the features that are included in Feature Pack 1 for SharePoint Server 2016, including:
- Administrative Actions Diary
- MinRole improvements
- SharePoint Custom Tiles
- Hybrid Taxonomy.
- SharePoint on-premises OneDrive API
- OneDrive for Business modern user experience (available to Software Assurance customers)
The OneDrive for Business modern user experience requires an active Software Assurance agreement when the experience is enabled, either through installation of a public update or manual activation. If you don't have an active Software Assurance agreement at the time of activation, you must turn off the OneDrive for Business modern user experience.
For more information;
Click Here
Description of the security update for Office Online Server: June 10, 2025 (KB5002728)
This security update resolves a Microsoft Excel remote code execution vulnerability.
Notes:
- This is version 16.0.10417.20018 of the security update package.
- To apply this security update, you must have the release version of Microsoft Office Online Server installed on your computer.
