Patchday: Windows Server-Updates (June 10,  2025)

Posted on 2025-06-11 by guenni

Windows[English]On June 10, 2025 (second Tuesday of the month, Patchday at Microsoft) various cumulative updates were released for the supported versions of Windows Server. Below I have extracted the provided updates including some details for these Windows Server versions (from Windows Server 2012 to 2025).


The updates listed below fix the vulnerabilities described in Microsoft Security Update Summary (June 10, 2025) that are relevant for Windows Server.

Updates for Windows Server 2025

The updates listed below fix the vulnerabilities described in the Microsoft Security Update Summary (June 10, 2025) that are relevant for Windows Server, and a list of updates for Windows Server 2025 can be found on this Microsoft website. For Windows Server 2025, the cumulative update KB5060842 has been released, which includes security patches and the following fixes:

  • [Narrator] New! There are new functions for Narrator scan mode. Skip past links (n) allows you to go to the text after a link. Use the comma (,) to jump to the start of an item (large table, long list, or another item.) Use the period (.) to jump to the end of an item. This is most helpful when you read long emails, news articles, and wiki pages. Jump to lists (l) allows you to quickly access a list on a web page or in a document. To use these new functions, turn on Narrator first (Windows logo key + Ctrl + Enter). Then turn scan mode on by pressing Caps lock + Spacebar. Note that scan mode is on by default on most web pages (like news articles, wiki page, and so on).
  • [Daylight savings time (DST)] This update supports (DST) changes in Paraguay.
  • [File Explorer]
    • ​​​​​​​Fixed: Improves performance when it loads folders that have a large number of media files.
    • Fixed: When you enter a URL in the address bar, it might not go to the location.
    • Fixed: The address bar overlaps files when you use the F11 full-screen mode.
    • Fixed: The context menu opens slowly when you right-click cloud files.
    • Thumbnails for cloud files display more consistently in search results.
  • [GDI+] Fixed: After you use GDI+ to shrink an image, the colors of the image might be wrong.
  • [Get Help app] Fixed: It fails to open on Windows Server 2025.
  • [Hyper-V] Fixed: Hyper-V Quick Create shows error "Could not load file or assembly Newtonsoft.Json".
  • [Live captions] Fixed: If you disconnect an external monitor, the live captions window might not show.​​​​​​​
    [Mouse] Fixed: In Settings Accessibility > Mouse pointer and touch, you can choose a color for the mouse that is not the default. When you choose a color, it reverts to white after the User Account Control (UAC) dialog appears.
    [Open Secure Shell (OpenSSH) (known issue)] Fixed: The service fails to start, which stops SSH connections. There is no detailed logging, and you must run the sshd.exe process manually.
    [Remote Desktop]

    • ​​​​​​​​​​​​​​Fixed: There are display rendering issues when you connect to certain PCs.
    • Fixed It stops responding.
  • [Scanners] Fixed: Apps might not recognize a scanner is available when it is connected.
  • [Start menu] Fixed: The colors are wrong when you open the account manager flyout menu. This occurs when you use a mixed dark and light custom mode in Settings > Personalization > Colors.​​​​​​​
  • [Task Manager]​​​​​​​ Fixed: It might identify a Hard Disk Drive (HDD) as a Solid State Drive (SSD).​​​​​​​
  • [Windows Hello]​​​​​​​ Fixed: This update addresses an issue that prevents users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The latest Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update and installation requirements are listed in the support article.

Updates for Windows Server 2022/23H2

The following updates are available for Windows Server 2022 and Windows Server 23H2.

Update KB5060118 for Windows Server 23H2

A list of updates for Windows Server 23H2 can be found on this Microsoft website. The cumulative update KB5060118 has been released for Windows Server 23H2, which contains security patches and the following fixes.

  • [Graphics]​​​​​​​ Fixed: An issue where some characters appear wider than standard characters, and the sample paragraph in the font preview section doesn't display correctly.
  • [Memory leak] Fixed: This update addresses an issue in the Input Service that causes increased memory usage, potentially impacting performance in multi-user, multilingual, and remote desktop environments.
  • [Windows Hello] Fixed: This update addresses an issue that prevents users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.​​​​​​​

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The latest Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update (Citrix) and installation requirements are listed in the support article.

Update KB5060526 for Windows Server 2022

A list of updates for Windows Server 2022 can be found on this Microsoft website. The cumulative update KB5060526 has been released for Windows Server 2022, which raises the OS build to 20348.3454. The update contains security patches and the following fixes:

  • [Graphics]
    • Fixed: An issue where some characters appear wider than standard characters, and the sample paragraph in the font preview section doesn't display correctly.
    • ​​​​​​​Fixed: This update addresses an issue where some GB18030-2022 characters don't display correctly within the extended Chinese character set.
  • [Memory leak] Fixed: This update addresses an issue in the Input Service that causes increased memory usage, potentially impacting performance in multi-user, multilingual, and remote desktop environments.
  • [Settings] Fixed: This update addresses an issue in the Settings app where turning on the "Prohibit Access to Control Panel and PC Settings" policy could make the system repeatedly restart and automatically enter repair mode.
  • [Windows Hello] ​​​​​​​Fixed: This update addresses an issue that prevents users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.​​​​​​​

This update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog and via WSUS and WUfB. The current Windows Servicing Stack Update is integrated in the patch. Any problems caused by the update and installation requirements are listed in the support article.

Updates for Windows Server 2016/2019

A list of updates for Windows Server 2016 and 2019 can be found on this Microsoft website. I have extracted the relevant update information below.

Update KB5060531 for Windows Server 2019

Cumulative Update KB5060531 is not only available for Windows 10 2019 Enterprise LTSC etc., but also for Windows Server 2019. The update contains security fixes, improvements and bug fixes:

  • [GDI and GDI+] Fixed: Some characters were rendered wider, and the sample paragraph was broken.
  • [Windows Hello] Fixed: This update addresses an issue that prevents users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.

The update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation sequence described in the support article and, if applicable, the notes on further requirements and any existing issues.

Update KB5061010 for Windows Server 1607

Cumulative Update KB5061010 is not only available for Windows 10 2016 Enterprise LTSC, but also for Windows Server 2016. The update includes security fixes, bug fixes and improvements that may be listed in the support article.

  • [Cloud Infrastructure] Fixed: Remote Web Access (RWA) was causing remote connections to act unpredictably.
  • [Windows Hello] Fixed: This update addresses an issue that prevents users from signing in with self-signed certificates when using Windows Hello for Business with the Key Trust model.

The update is automatically downloaded and installed by Windows Update, but is also available in the Microsoft Update Catalog, via WSUS and WUfB. Microsoft has also updated the Service Stack Update (SSU). Please note the installation requirements described in the support article and any notes on existing problems.is not only available for Windows 10 2016 Enterprise LTSC, but also for Windows Server 2016. The update includes security fixes, bug fixes and improvements that may be listed in the support article.

Updates for Windows Server 2012 / R2

Windows Server 2012/R2 will no longer be supported in October 2023 and will only receive updates with an ESU license. Please note the installation order for Windows Server that Microsoft provides in the KB articles. The installation of this extended security update (ESU) may fail if installed on an Azure Arc-enabled device.

Update KB5058403 for Windows Server 2012 R2

The update history for Windows Server 2012 R2 can be found on this Microsoft page. For Windows Server 2012 R2, update KB5061018 (Monthly Rollup for Windows Server 2012 R2) has been released for systems with an ESU license. The update fixes various vulnerabilities and brings internal, undocumented fixes.

This update is automatically downloaded and installed by Windows Update in Windows Server 2012 R2, but is also available in the Microsoft Update Catalog and via WSUS. Details on fixes and any known problems in connection with the update are listed in the support article.

There is no security-only update for Windows Server 2012 R2.

Update KB5061059 for Windows Server 2012

The update history for Windows Server 2012 can be found on this Microsoft page. Update KB5061059 (Monthly Rollup for Windows Server 2012) has been released for Windows Server 2012 with ESU license. It contains unspecified security patches and bug fixes.

This update is available in the Microsoft Update Catalog and via WSUS. For a manual installation, the latest Servicing Stack Update (SSU) must be installed beforehand – although this SSU can no longer be uninstalled. Problems in connection with the update are listed in the KB article.

There is no security-only update for Windows Server 2012.

If in doubt, details on the above updates can be found in the respective Microsoft KB articles.

Similar articles:
Microsoft Security Update Summary (June 10, 2025)
Patchday: Windows 10/11 Updates (June 10,  2025)
Patchday: Windows Server-Updates (June 10,  2025)
Patchday: Microsoft Office Updates (June 10, 2025)

Windows 10/11: Preview Updates May 27, 28,2025
Attention: June 2025 Patchday closes vulnerability CVE-2025-33073 in Windows

This entry was posted in Security, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *