Windows PCs using Autopatch will receive hotpatch security updates by default starting May 2026

News
Rishaj Upadhyay
Rishaj Upadhyay Shield
News Editor
News
Reading time icon 2 min. read

Calendar icon Published on

Windows 11 25H2 update feature banner

Microsoft has announced that it’s about to roll out a small but important change to how Windows devices receive security updates. Starting with the May 2026 Windows security update, hotpatch updates will be enabled by default via Windows Autopatch for eligible devices managed in Microsoft Intune or through the Microsoft Graph API.

The idea behind hotpatching is simple. Security updates can be applied immediately after installation instead of waiting for a device restart. For IT teams managing thousands of devices, that restart delay often slows down how quickly systems become fully protected.

In the traditional update process, Windows installs the security patch first but activates it only after a restart. Many organizations give users several days before forcing a reboot, which stretches the time needed to reach full compliance. Hotpatch updates change that flow. Once the update installs, the protection becomes active instantly without interrupting users.

Microsoft says the results are already visible in real deployments. In internal comparisons involving companies managing between 30,000 and 70,000 devices, organizations reached 90 percent patch compliance in roughly half the time compared with the standard update process.

Image credit: Microsoft

The company further notes that more than 10 million production devices are already enrolled in hotpatch updates. However, not every system will receive them. In yesterday’s Tech Community blog post, Microsoft added that devices must meet certain prerequisites, while unsupported systems will continue using the traditional restart-based update method.

Before the default switch arrives, Microsoft is adding new controls for administrators. Starting April 1, 2026, tenant settings in Microsoft Intune will allow organizations to block hotpatch updates if they prefer the existing behavior. Moreover, devices that install the April 2026 baseline update and meet the requirements will begin receiving hotpatch updates in May.

More about the topics: hotpatch, Windows Update

Rishaj Upadhyay

Rishaj Upadhyay Shield

News Editor

Rishaj is a tech writer who has been writing professionally for over four years, with a passion for Android, Windows, and all things tech. He initially joined Windows Report as a tech journalist and is now taking over as a news editor. When he's not breaking the keyboard, you can find him cooking, or listening to music/podcasts.

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

User forum

0 messages