Windows Hotpatching
On July 1st, 2025, hotpatching for Windows Server 2025 which was first made available in preview in 2024 will be made widely accessible as a subscription service. In line with Azure’s adaptive cloud strategy, the most recent version of Windows Server 2025 includes hybrid and multicloud capabilities as one of its major improvements. Hotpatching is a feature that was formerly exclusive to Azure, but it is now accessible to Windows Server computers outside of Azure via Azure Arc.
How does hotpatching work?
By patching the in-memory code of current processes without requiring a process restart, Windows hotpatching is a new method of installing updates in Windows Server 2025 that eliminates the need for a reboot following installation.
The following are a few advantages of Windows hotpatching:
- Increased availability and less reboots.
- Updates that are deployed more quickly since the packages are smaller, install more quickly, and patch orchestration with Azure Update Manager is simpler.
- Because hotpatch packages don’t require a reboot schedule, they may be installed sooner. By doing this, the “window of vulnerability” that may arise from an administrator delaying an update and restarting after a Windows security update is available might be reduced.
Windows hotpatching is now free to preview, but it will be available for $1.50 USD per CPU core per month starting in July with the subscription launch for Windows Server 2025.
Although hotpatching can save a lot of time and reduce the discomfort of a conventional “patch Tuesday,” you will still need to restart your Windows servers around four times a year for baseline updates.
For many years, Windows Server Datacenter: Azure Edition hotpatching has been accessible. The internal Xbox team has really utilised it to cut down on procedures that used to take weeks to a few days. By connecting to Azure Arc, it has been able to extend these savings to on-premises and non-Azure systems running Windows Server 2025.
What are the requirements?
You must be running Windows Server 2025 Standard or Datacenter and have your server connected to Azure Arc in order to use Windows hotpatching outside of Azure, such as on-premises or in multicloud setups. Additionally, you must have a Hotpatch service subscription.
Important: If you have chosen to sample the Windows hotpatching service through Azure Arc in preview while running Windows Server 2025, you must disenroll by June 30 at the latest if you want to cancel your preview and not sign up for the service. If not, your subscription will begin on its own in July.
Hotpatching is a feature of Windows Server Datacenter: Azure Edition that you can still utilise if you’re operating on Azure IaaS, Azure Local, or Azure Stack. Both Windows Server 2022 Datacenter: Azure Edition and Windows Server 2025 Datacenter: Azure Edition come with this capability. In this instance, there are no new requirements, meaning that you are not required to Arc-enable those devices, and there is no further cost involved.
How do I enable Windows hotpatching?
First, you may use these steps to connect your server to Azure Arc if it isn’t already. You may manage virtual machines and physical servers housed on your company network, outside of Azure, or by other cloud providers using Azure Arc, which is free of charge. You may use Azure Arc to access a number of premium Azure services in addition to Windows Hotpatching, including as Azure Monitor, Microsoft Defender for Cloud, and many more. See this documentation for complete details.
Following your Azure Arc connection, log into the Azure Portal, navigate to Azure Update Manager, pick your Azure Arc-enabled server, and then choose the Windows hotpatching option as described in this guide.
The Azure Portal also allows you to manage your Windows hotpatching subscription.
What is the hotpatching schedule?
Up to eight hotpatches are offered by the hotpatch service annually. The three-month cycle consists of two months of hotpatches after the baseline month (monthly cumulative update) in the first month. The machines will require a reset throughout the baseline months. January, April, July, and October are the four scheduled baseline months.
Rarely, microsoft could have to provide a non-hotpatch update during a hotpatch month, which will also need a reboot, for security reasons. However, delivering up to eight hotpatches in a year is the aim.
Because the Windows Server hotpatching subscription is paid for on a monthly basis, your cost will remain the same for both hotpatch and non-hotpatch months of the year.
