Windows Server 2025 Hotpatching Service to be Rolled Out From July 1st, 2025

Microsoft has confirmed that its hotpatching feature for Windows Server 2025, which has been in preview since 2024, will transition to a paid subscription model starting July 1st, 2025. 

The announcement, made by Janine Patrick, Windows Server Product Marketing Manager, and Artem Pronichkin, Senior Program Manager, marks a significant shift in how organizations can manage their server maintenance schedules.

Hotpatching allows system administrators to install OS security updates without requiring a reboot after installation. It works by patching the in-memory code of running processes without needing to restart the process. 

This technology has been available for Windows Server Datacenter: Azure Edition for years, but Windows Server 2025 extends this capability to on-premises and non-Azure servers through Azure Arc.

“With hotpatching, you will still need to restart your Windows Servers about four times yearly for baseline updates, but hotpatching can save significant time and ease the inconvenience of a traditional ‘patch Tuesday,'” Microsoft stated in their announcement.

Subscription Details and Requirements

Starting July 1st, 2025, organizations wishing to continue using hotpatching for Windows Server 2025 will need to pay $1.50 USD per CPU core per month. 

This pricing remains consistent throughout the year, regardless of whether a particular month features hotpatches or baseline updates.

To implement hotpatching outside of Azure environments (such as on-premises or multicloud), users must:

• Run Windows Server 2025 Standard or Datacenter edition.
• Connect their server to Azure Arc.
• Subscribe to the Hotpatch service.

Importantly, organizations currently enrolled in the preview program will need to disenroll before June 30th if they wish to avoid automatic subscription enrollment.

Implementation Process

Implementing hotpatching requires connecting Windows Server 2025 to Azure Arc. The process involves:

• Connect the machine to Azure Arc, if not already Arc-enabled.
• Sign into the Azure Arc portal.
• Navigate to Azure Arc → Machines.
• Select the machine name.
• Select Hotpatch (preview), then select Confirm.

The service follows a three-month cycle with one baseline month (requiring a reboot) followed by two months of hotpatches (no reboot required). 

The four planned baseline months are January, April, July, and October, with the goal of providing up to eight hotpatches annually.

Microsoft highlights several benefits of the hotpatching system:

• Higher availability with fewer reboots.
• Faster deployment of updates as packages are smaller and install more quickly.
• Reduced security vulnerability windows by enabling quicker patch implementation.
• Lower resource consumption with fewer binaries to process.

As Microsoft‘s Xbox team discovered, hotpatching can “reduce processes that used to take weeks down to just a couple of days”.

Windows Server 2025 Datacenter: Azure Edition users on Azure IaaS, Azure Local, or Azure Stack can continue using hotpatching at no additional cost. 

These users don’t need to Arc-enable their machines or pay the subscription fee.

The hotpatching feature supports both Server with Desktop Experience and Server Core installation options, though all systems must satisfy the requirements for Virtualization-based security (VBS) and use Unified Extensible Firmware Interface (UEFI) with Secure Boot enabled.

Microsoft encourages organizations to try hotpatching during the preview period before the subscription model takes effect, allowing them to experience the benefits firsthand while it remains free.

Are you from the SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.