Microsoft explains how Windows Server Hotpatching works

Martin Brinkmann
Feb 22, 2022

Last year, Microsoft described its work on hotpatching Windows Updates to apply updates on the fly to Windows systems and remove the need to reboot the systems to install the updates. A new blog post on Microsoft's Tech Community website announces the introduction of Hotpatching support in Azure Automange for Windows Server. Microsoft released Windows Server 2022 recently.

windows hotpatch image format

Hotpatching offers several advantages over traditional means of installing updates on Windows machines. Microsoft highlights the three core benefits in the blog post:

  • Fewer reboots, which improves availability.
  • Faster deployment, as update packages "are smaller, install faster, and have easier patch orchestration".
  • Improved protection, as security updates may be installed immediately instead of scheduling a reboot.

Hotpatching works by "establishing a baseline with a Windows Update Latest Cumulative update" according to Microsoft. The company plans to release hotpatches periodically that build on that baseline, and these updates won't require a reboot. The baseline is refreshed with new cumulative updates then periodically as well.

windows server hotpatching

Hotpatches could be released on every Patch Tuesday (once a month), and new baselines could be released every three months. In the best case, servers would need to be rebooted four times per year, when new baselines are applied.

Microsoft distinguishes between planned and unplanned baselines Planned baselines are released on a regular cadence to move the system to a new baseline. Hotpatches may then be installed in between these planned baseline releases.

Unplanned baselines are needed to patch systems if hotpatching cannot be used for a particular patch. Microsoft mentions fixes for 0-day vulnerabilities in particular. These unplanned baseline releases do require a reboot and include all content of the latest cumulative update.

Updates may be installed outside of the Hotpatch program according to Microsoft, but it requires disabling and unenrolling hotpatching to return to the default updating behavior for Windows Server. Reenrolling is possible at any time.

The rest of the announcement offers implementation details for server administrators.

Closing Words

Hotpatching improves the availability of Windows Server by reducing the number of update-related reboots over time. Additionally, security updates that are deployed via hotpatching are applied immediately instead of requiring a restart (immediately or on schedule); this reduces the time the machine is vulnerable to potential attacks targeting the vulnerability.

Microsoft is working on bringing the hotpatching functionality to a "wider set of Windows customers". It is unclear if this will include consumer versions of Windows.

Now You: what is your take on hotpatching? Would you use it? (via Deskmodder)

Microsoft explains how Windows Server Hotpatching works
Article Name
Microsoft explains how Windows Server Hotpatching works
A new blog post on Microsoft's Tech Community website announces the introduction of Hotpatching support in Azure Automange for Windows Server.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. davdb said on February 23, 2022 at 11:01 pm

    Better testing >>> fewer bugs >>> less patches >>> drop in reboots. Debugging this system will be a b*$#^h and beyond the new hires M$ uses.

  2. piomiq said on February 22, 2022 at 10:18 pm

    For sure this solution needs different filesystem than ancient NTFS, and the most likely such server will require to be installed on extfat.
    The issue with NTFS is that this fs doesn’t release opened already file, so that’s why often needs to be restarted after update.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.