Microsoft is set to transform the landscape of enterprise updates with the upcoming launch of its subscription-based hotpatching service for Windows Server 2025. This innovative approach marks a significant shift in how updates will be managed for businesses operating Windows Server outside of Azure.
Beginning July 1, 2025, hotpatching will transition from a complimentary preview to a paid subscription model, priced at .50 per CPU core per month. This change extends a capability that was previously exclusive to Azure users, now making it accessible for on-premises servers and hybrid environments through Azure Arc integration.
What Is Hotpatching?
Hotpatching is a cutting-edge technology that enables the installation of security and critical updates without necessitating a system reboot. Instead of interrupting services or rebooting servers, hotpatching directly updates the in-memory code of running processes.
This advancement brings Windows server deployments in line with similar technologies that Linux administrators have enjoyed for years, such as kpatch and ksplice. By allowing updates without reboots, organizations can significantly reduce disruptions while enhancing their security posture.
How Does Hotpatching Work?
The hotpatching mechanism follows a structured update cycle:
- Baseline months: In January, April, July, and October, a full cumulative update will be released, requiring a reboot to establish a new baseline.
- Hotpatch months: In the two months following each baseline month, critical patches will be deployed via hotpatches without requiring any server reboots.
This means that servers will only need to reboot approximately four times a year, rather than monthly. On rare occasions, Microsoft may issue a critical security update that requires a reboot even during a hotpatch month, but the aim remains clear: to provide up to eight rebootless hotpatches annually.
Why Is Microsoft Moving to a Paid Model?
While hotpatching was available at no additional cost during its preview phase, Microsoft is now positioning it as a premium feature for customers seeking maximum uptime, operational simplicity, and rapid security response. According to the Windows Server team at Microsoft, the value of hotpatching encompasses:
- Reduced Downtime: Maintain operations without the need for scheduling late-night or weekend reboot windows.
- Faster Updates: Smaller patches facilitate quicker deployments.
- Enhanced Security: Address vulnerabilities swiftly without delays associated with reboot coordination.
- Operational Efficiency: Streamlined change management and patch orchestration.
Internal teams at Microsoft, including the Xbox division, have already experienced notable efficiency improvements with hotpatching, completing tasks that previously took weeks in just days.
Subscription Details
| Feature | Details |
| Launch Date | July 1, 2025 |
| Price | .50 USD per CPU core per month |
| Editions Supported | Windows Server 2025 Standard and Datacenter |
| Deployment Requirement | Must be connected to Azure Arc |
| Included with Azure Editions | Datacenter: Azure Edition (no extra charge) |
| Patch Frequency | 8 hotpatches/year + 4 reboot-required baseline patches |
Organizations currently utilizing the free preview must either opt out before June 30, 2025, or they will be automatically transitioned into the paid subscription starting in July.
While hotpatching offers powerful capabilities, it does not entirely eliminate the need for traditional updates. Certain updates will still necessitate a reboot, including:
- Major non-security updates.
- .NET Framework patches.
- Driver and firmware updates.
- Emergency out-of-band security patches.
As such, administrators should still anticipate occasional downtime, albeit significantly reduced. By incorporating hotpatching into their update strategies, organizations can bolster system availability and streamline their maintenance processes.
