Happy new year everyone!
Let’s start 2025 with a post on Hotpatch. In this post I will take a look at what it is, where you can use it and last but not least, how to configure Hotpatch.
Enjoy!
Introducing Windows 11 Enterprise Hotpatch
Hotpatch is a really cool feature that helps to optimize the process of installing updates on your endpoints. It’s currently available for Windows Server (2022 and 2025 on Azure) and in public preview for Windows 11 Enterprise (build 24H2).
In this post I will focus on Windows 11 Enterprise. So how does Hotpatch work for Windows 11 Enterprise?
There are two types of updates you need to be aware of:
- Baseline updates
These are your regular cumulative updates (containing security, quality, feature and previous updates) which require a reboot. These updates will be installed at the beginning of each quarter.
- Hotpatch updates
These updates only contain security updates and will not require a reboot to complete the update procedure. They will be installed in the remaining two months of each quarter.
So what would an update cycle look like?
Prerequisites
There are a couple of prerequisites for Windows 11 Enterprise Hotpatch to work:
- You need one of the following licenses: business premium, A3/E3 or higher or F3 license.
- Virtualization based security (VBS) needs to be enabled.
- ARM64 devices must disable compiled hybrid PE usage.
- The operating system has to run Windows 11 Enterprise build 24H2.
- Enrolled devices must have the latest baseline installed before Hotpatch updates will be applied.
Did you know that Hotpatch is also supported for Windows 365? Of course you will need the correct Windows 11 build running on your Cloud PC.
Configuring Windows 11 Hotpatch updates
Let’s find out how to configure Hotpatch for Windows 11 devices. Sign into the Microsoft Intune admin center, Devices, Manage updates, Windows Updates. Make sure to select the quality updates tab. Click the + Create button and select + Windows quality update policy (preview).
Fill in the basics like a name and optionally a description.
Enable the When available, apply without restarting the device (“Hotpatch”). setting.
Assign the policy:
Finish up by taking a moment to admire your awesome work and select the Create button.
That’s all there is to it!
Hotpatch reporting
Did you know that Microsoft also released a report for Hotpatch? You can find it under Reports, Windows Autopatch section, Windows quality updates, Reports tab. The report is called Hotpatch quality updates (preview).
My report is empty since I just configured it, but I do wanted to provide a screenshot so you know what information you can expect:
Resources
I used the following resources for this post:
Hotpatch updates | Microsoft Learn
