Tired of all the restarts? Get hotpatching for Windows Server
WRITTEN BY
/en-us/windows-server/blog/author/janine-patrick
/en-us/windows-server/blog/author/artem-pronichkin
This post was updated on July 10th, 2025 to remove free preview language since the product is generally available as of June 16, 2025.
Hotpatching for Windows Server 2025, made available in preview in 2024, is now generally available as a subscription service as of July, 2025. Hotpatching is one of many key updates in the latest release of Windows Server 2025 in addition to hybrid and multicloud capabilities, aligned with Azure’s adaptive cloud approach. With hotpatching, we are taking what was previously an Azure-only capability and now making it available to Windows Server machines outside of Azure through Azure Arc.
How does hotpatching work?
Hotpatching is a new way to install updates in Windows Server 2025 that does not require a reboot after installation, by patching in-memory code of running processes without the need to restart the process, the application, or operating system.
Some of the benefits of hotpatching include the following:
- Greater uptime with fewer reboots, instead of rebooting monthly (12 times a year) rebooting is reduced to quarterly (4 times a year).
- Faster deployment of updates as the packages are smaller, install faster, and have easier patch orchestration with Azure Update Manager (optional).
- Hotpatch packages install without the need to schedule a reboot, so they can happen sooner. This decreases the “window of vulnerability” which can result if an administrator might normally delay an update and restart after a Windows security update is released.
Azure Arc-enabled Hotpatching for Windows Server 2025 is available for a subscription of $1.50 USD per CPU core per month.
With hotpatching, you will still need to restart your Windows Servers about four times yearly for baseline updates, but hotpatching can save significant time and ease the inconvenience of a traditional “patch Tuesday.”
Hotpatching for Windows Server Datacenter: Azure Edition has been available for years. In fact, our own Xbox team has used it to reduce processes that used to take the team weeks down to just a couple of days. With Windows Server 2025, we have been able to deliver these efficiencies to on-premises and non-Azure servers through connection with Azure Arc.
What are the requirements?
To use hotpatching outside of Azure such as, on-premises or in multicloud environments, you must be using Windows Server 2025 Standard or Datacenter, and your server must be connected to Azure Arc. You will also need to subscribe to the Hotpatch service.
Important reminder: If you are currently using Windows Server 2025 and opted in to try the hotpatching service through Azure Arc in preview, you will need to disenroll if you wish to end your preview and not subscribe to the service. Otherwise, your subscription starts automatically in July 2025.
If you’re running on Azure IaaS, or Azure Local you can still use hotpatching as part of functionality of Windows Server Datacenter: Azure Edition. This feature is included both with Windows Server 2022 Datacenter: Azure Edition and Windows Server 2025 Datacenter: Azure Edition. There are no new requirements in this case, i.e. you don’t need to Arc-enable those machines, and there’s no additional cost for it.
How do I enable hotpatching?
First, if your server is not yet connected to Azure Arc, you can do so by following these steps. Azure Arc is available at no extra cost and lets you manage physical servers, and virtual machines hosted outside of Azure, on your corporate network, or other cloud providers. In addition to hotpatching, there are several paid Azure services you can access through Azure Arc, including Microsoft Defender for Cloud, Azure Monitor, and many others. For full details, refer to this documentation.
Once you are connected with Azure Arc, you will sign into the Azure Portal, go to Azure Update Manager, select your Azure Arc-enabled server, and select the hotpatching option as outlined in this documentation.
You can also manage your subscription to hotpatching through the Azure Portal as well.
What is the difference between hotpatches and traditional patches/LCUs?
At Microsoft we have traditionally shipped patches known as Latest Cumulative Updates (LCU). An LCU can have a few different types of fixes in its payload such as:
- Security fixes
- Bug fixes that are not security fixes
- New feature payload
In contrast, a hotpatch only includes security fixes which makes the patch smaller and scoped to security only. We still need to deliver on #2 and #3 above, so we synchronize these payloads once a quarter in the Hotpatching schedule.
What is the hotpatching schedule?
The hotpatch service provides up to eight hotpatches in a year. It follows a three-month cycle with the first month as a baseline month (monthly cumulative update) followed by two months of hotpatches. During baseline months the machines will need a reboot. The four planned baseline months are January, April, July and October.
On rare occasions, for security reasons we may have to ship a non-hotpatch update during a hotpatch month which will also need a reboot. But the goal will be to provide up to eight hotpatches in a year.
The Windows Server hotpatching subscription is billed monthly, so your cost will be consistent throughout the year in both hotpatch and non-hotpatch months.
Where to learn more about Windows Server
In addition to the documentation above, please check out our blog posts on Tech Community and watch the on-demand videos from the 2025 Windows Server Summit virtual event. We encourage you to try this time-saving feature and start discovering all the time you’ll save!
And don’t forget…
As you may have heard at Ignite, hotpatching is also available for Windows 11 Enterprise. Learn more about eligibility and hotpatching for Windows clients here.
*Prices are in US dollars and are subject to change
