“`html
Microsoft has deployed its most recent cumulative update for Windows 10, versions 21H2 and 22H2, along with Windows 10 Enterprise LTSC 2021 and Windows 10 IoT Enterprise LTSC 2021.
This update, designated as KB5062554 (OS Builds 19044.6093 and 19045.6093), encompasses significant security enhancements and quality upgrades aimed at improving system stability and efficiency. Moreover, Microsoft released a servicing stack update (KB5063706) to bolster the reliability of the update procedure.
Alongside the July 2025 Patch Tuesday, Microsoft unveiled this update, which addresses 130 vulnerabilities, fixing 41 Remote Code Execution issues, 53 Elevation of Privilege vulnerabilities, 18 Information Disclosure problems, 5 Denial of Service incidents, 4 Spoofing threats, 1 Data Tampering vulnerability, and 8 Security Feature Bypass concerns.
Key Aspects of the Update
This update is pertinent to the following systems:
- Windows 10, version 22H2 (all editions)
- Windows 10 Enterprise LTSC 2021
- Windows 10 IoT Enterprise LTSC 2021
Security and Quality Enhancements
The KB5062554 update includes corrections and upgrades from prior updates, such as:
- June 10, 2025—KB5060533 (OS Builds 19044.5965 and 19045.5965)
- June 24, 2025—KB5061087 (OS Build 19045.6034, Preview)
Microsoft emphasized various security improvements to the underlying Windows OS components, although specific issues were not elaborated on in the release notes. This update addresses vulnerabilities mentioned in the July 2025 Security Updates, which are available on the Microsoft Security Response Center (MSRC) Security Update Guide.
Expiration of Windows Secure Boot Certificates
Microsoft issued a crucial advisory concerning Secure Boot certificates, which are slated to expire beginning in June 2026 for the majority of Windows devices.
This expiration could potentially hinder secure booting on personal and corporate devices if not resolved. Microsoft advises reviewing the guidance on Windows Secure Boot certificate expiration and CA updates and taking proactive measures to renew certificates to prevent potential complications.
The update includes a servicing stack update (SSU) for OS Builds 19044.6088 and 19045.6088. The SSU improves the reliability of the update mechanism, reducing the likelihood of installation challenges. Microsoft now merges the latest SSU with the cumulative update (LCU) to facilitate deployment.
Microsoft noted an acknowledged issue related to Noto fonts, although specific details were not included in the release notes. Users can obtain additional information via the Windows release health dashboard or the Windows message center.
Procedure to Acquire the Update
- Windows Update: Devices connected to Windows Update will automatically acquire and install the update.
- Microsoft Update Catalog: Users may manually download the standalone package from the Microsoft Update Catalog.
- Windows Server Update Services (WSUS): For enterprise implementations, the update is accessible via WSUS.
For devices lacking the May 11, 2021 (KB5003173) or later LCU, the standalone August 10, 2021 SSU (KB5005260) must be installed initially.
For offline OS image servicing, in the event that the image does not include the July 25, 2023 (KB5028244) or later LCU, the standalone October 13, 2023 SSU (KB5031539) must be installed prior to applying this update.
Microsoft encourages users to install the KB5062554 update without delay to ensure systems are safeguarded against the most recent security vulnerabilities and to benefit from quality enhancements.
For comprehensive information regarding the update, including vulnerability specifics, users can refer to the MSRC Security Update Guide or the Windows 10, version 22H2 update history page.
“`