Source: BleepingComputer
Author: Sergiu Gatlan
URL: https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-hotpatching-support-to-windows-11-enterprise/
# ONE SENTENCE SUMMARY:
Microsoft now offers hotpatch updates for Windows 11 Enterprise 24H2, enabling background security updates without system reboots.
# MAIN POINTS:
1. Hotpatch updates are now available for Windows 11 Enterprise 24H2 (x64) users starting today.
2. Updates are applied in-memory, allowing background installation without rebooting the system.
3. Hotpatching minimizes disruptions while maintaining protection against cyberattacks.
4. Updates follow a quarterly cycle, with eight out of twelve months requiring no reboot.
5. Devices must be managed via Microsoft Intune using a hotpatch-enabled quality update policy.
6. Eligibility requires Windows 11 Enterprise 24H2, VBS enabled, and compatible Microsoft subscriptions.
7. Hotpatch support is still in public preview for Arm64 devices.
8. Admins can disable CHPE support for Arm64 via a registry key to maintain eligibility.
9. The Intune admin center auto-detects device eligibility for hotpatching.
10. Devices on Windows 10 or versions before 23H2 will continue standard monthly updates.
# TAKEAWAYS:
1. Hotpatching significantly reduces downtime by avoiding reboots after most security updates.
2. IT admins can streamline patch management using Microsoft Intune policies.
3. Compatible hardware and software configurations are essential for hotpatch eligibility.
4. Microsoft continues expanding hotpatch support across Windows platforms.
5. Arm64 support is coming but currently requires manual configuration for eligibility.