According to Microsoft, the no-reboot security updates that fix Windows vulnerabilities have not yet resulted in the biggest month of security issues. A recent update added a mysterious folder that caused fuzzy discussions among leaders and social media users, with experts advising systems to delete it. Microsoft released a advisory stating the update opens a pathway to a more potent Windows attack, highlighting the complexities in the security update process.
As reported, Windows hotpatching is a feature that disables the need to restart your computer after an update, especially important for users of Windows Server 2025. The feature became available in preview mode since 2024 and will be a subscription-only service from July 1. To use it, you need a Windows Server 2025 Standard or Datacenter, connected to Azure Arc, with an annual fee of $1.50 USD per CPU core per month.
Hotpatching is available for all Windows Server customers on Azure, without charge, but only through the subscription service. Without hotpatching, updates would require a new patch on Patch Tuesday. Microsoft claims no-reboot hotpatching can save time and inconvenience by preemptively handling boot times and errors.
The consequences of not having hotpatching in Windows 2025 can still occur if updates are applied after an update. However, hotpatching offers more convenience in some scenarios, serving as an alternative to traditional hotpatching.
For those without Windows Server 2025, there is at least a chance to patch their applications using hotpatching if they have the license, even with the subscription fees. This centers the security issues in the Payment Services Kit, which Microsoft aims to secure for future updates.
Winwalk is a hidden feature that can mislead security professionals and make it difficult to isolate Windows applications. Beyond hotpatching, hardware deactivation is a major issue, and changes in threat models are altering security strategies, complicating the integration of hotpatching and hardware protection.
