Microsoft has taken swift action to address a significant issue affecting certain Surface Hub v1 devices running Windows 10. An emergency update has been released to resolve startup failures that some users have encountered, specifically those experiencing Secure Boot Violation errors.
Details of the Update
This predicament arose after the installation of the June 2025 Windows security update (KB5060533), which inadvertently led to boot problems exclusively on Surface Hub v1 systems operating on Windows 10, version 22H2. It’s important to note that this issue does not extend to Surface Hub 2S and Surface Hub 3 devices.
In response to the situation, Microsoft acted promptly, issuing a mitigation measure just one day after the problem was identified. This was aimed at preventing further complications for other systems following the problematic update. Subsequently, an emergency out-of-band update, designated KB5063159, was rolled out on Monday to directly tackle the startup failure issue.
According to Microsoft, “This update prevents Surface Hub v1 devices from encountering a start failure issue. The start failure issue was observed when some Surface Hub v1 devices installed the update KB5060533.” The company also paused the rollout of the KB5060533 update on June 11, 2025, to avert new devices from experiencing similar failures. Users who had previously installed updates will only receive the new updates included in the latest package.
Broader Implications of the Updates
The KB5060533 update, which triggered the startup issues, was originally intended to fix another bug that caused unexpected restarts or freezes on Hyper-V virtual machines across Windows 10, Windows 11, and Windows Server platforms. Furthermore, last week, Microsoft issued another emergency update (KB5063060) to resolve an incompatibility issue with Easy Anti-Cheat, which had caused some Windows 11 24H2 systems to experience blue screen of death errors.
In addition to these updates, Microsoft also released security patches addressing 66 vulnerabilities, including a publicly disclosed Windows SMB privilege escalation vulnerability (CVE-2025-33073) and an actively exploited WebDAV zero-day (CVE-2025-33053). The June 2025 Patch Tuesday updates specifically targeted ten critical vulnerabilities, with eight of them allowing attackers to execute remote code on unpatched devices, while the remaining two could enable privilege escalation.
