Microsoft is preparing to officially launch a subscription-based hotpatching service for Windows Server 2025. This will be a shift in how updates will be handled for enterprises running Windows Server outside Azure.
Starting July 1, 2025, hotpatching will move from free preview to a paid subscription, priced at $1.50 per CPU core per month.
The move extends a capability that was once reserved exclusively for Azure users to on-premises servers and hybrid environments through Azure Arc integration.
What Is Hotpatching?
Hotpatching is a technology that allows security and critical updates to be installed without requiring a system reboot. Instead of restarting services or servers, hotpatching updates the in-memory code of running processes directly.
It’s a concept Linux admins have enjoyed for years with technologies like kpatch and ksplice, and now Microsoft is making it a standard option for Windows server deployments.
By applying updates without reboots, organizations can minimize disruptions and tighten their security posture.
How Does Hotpatching Work?
The hotpatching mechanism follows a structured update cycle:
- Baseline months: In January, April, July, and October, a full cumulative update will be released, requiring a reboot to establish a new baseline.
- Hotpatch months: In the two months following each baseline month, critical patches will be deployed via hotpatches without requiring any server reboots.
Thus, servers will only need to reboot about four times a year, instead of monthly.
On rare occasions, Microsoft may issue a critical security update that requires a reboot even during a hotpatch month. Otherwise, the stated goal remains: up to eight rebootless hotpatches a year.
Why Is Microsoft Moving to a Paid Model?
During its preview phase, hotpatching was available at no extra cost. However, Microsoft is now positioning hotpatching as a premium feature for customers who need maximum uptime, operational simplicity, and faster security response.
According to Microsoft’s Windows Server team, the value of hotpatching includes:
- Reduced Downtime: Maintain operations without scheduling weekend or late-night reboot windows.
- Faster Updates: Smaller patches mean faster deployments.
- Enhanced Security: Quickly address vulnerabilities without delays caused by reboot coordination.
- Operational Efficiency: Simplified change management and patch orchestration.
Internal Microsoft teams like the Xbox division have already demonstrated significant efficiency gains using hotpatching. Tasks that once took weeks are now completed in days.
Subscription Details
| Feature | Details |
| Launch Date | July 1, 2025 |
| Price | $1.50 USD per CPU core per month |
| Editions Supported | Windows Server 2025 Standard and Datacenter |
| Deployment Requirement | Must be connected to Azure Arc |
| Included with Azure Editions | Datacenter: Azure Edition (no extra charge) |
| Patch Frequency | 8 hotpatches/year + 4 reboot-required baseline patches |
Organizations currently using the free preview must either opt out before June 30, 2025, or they will be automatically enrolled into the paid subscription starting in July.
As powerful as hotpatching is, it doesn’t completely eliminate the need for traditional updates. Some updates will still require a reboot, such as
- Major non-security updates.
- .NET Framework patches.
- Driver and firmware updates.
- Emergency out-of-band security patches.
Thus, administrators should still plan for occasional downtime, but it will be significantly less frequent.
By integrating hotpatching into their update strategy, organizations can enhance system availability and streamline maintenance processes.
