Microsoft enhances Windows 11 Enterprise with Hotpatch, allowing devices to update without requiring a reboot

Microsoft has announced the availability of hotpatch updates for Windows 11 Enterprise, version 24H2, on x64 (AMD/Intel) systems.

This innovative feature allows organizations to install security updates without requiring a reboot, minimizing user disruptions. Hotpatching applies updates directly to in-memory processes, ensuring immediate protection against vulnerabilities.

The updates follow a quarterly cycle, with cumulative baseline updates requiring a restart in January, April, July, and October. In the following months, hot patch updates are applied without the need for a reboot.

The Windows 11 Hotpatch feature has some considerable benefits. In the official announcement, the Redmond-based tech giant says it will greatly help organizations by offering immediate security without the need to disrupt actions.

To enable hot patching, organizations need a Windows 11 Enterprise subscription and devices meeting specific requirements, including Virtualization-based Security (VBS) enabled.

To enable hotpatching for Windows client devices, you will need:

• A Microsoft subscription that includes Windows 11 Enterprise E3, E5, or F3, Windows 11 Education A3 or A5, or a Windows 365 Enterprise subscription
• Devices running Windows 11 Enterprise, version 24H2 (Build 26100.2033 or later) and with the current baseline update installed
• An x64 CPU including AMD64 and Intel (Note: Arm®64 devices are still in public preview)
• Microsoft Intune to manage deployment of hotpatch updates with a hotpatch-enabled Windows quality update policy
• Virtualization-based Security (VBS) enabled

While currently available for x64 systems, hot patching remains in public preview for ARM64 devices.

You can read more about it here.

In other similar news, Microsoft recently released the Quick Recovery Machine for Windows 11, which allows the operating system to fix itself when it encounters a screen of death.