MC1101876 - Hotpatching now enabled by default for new Windows quality update policies

Message ID

MC1101876

View in Message Center

Service

Microsoft Intune

Published

Jun 23, 2025

Tag

Feature update

Summary

Hotpatching will be enabled by default for new Windows quality update policies starting June 23, 2025, improving security compliance and reducing downtime. Organizations should review and deploy new policies as usual and can enable hotpatch updates on existing policies via the Microsoft Intune admin center.

More information

Newly created Windows quality update policies will have hotpatch updates enabled by default to streamline policy creation.

When this will happen:

Hotpatch updates will be automatically enabled for new policies starting on June 23, 2025 or soon after.

How this will affect your organization:

Organizations using Windows Autopatch will benefit from faster security compliance and reduced downtime for devices running supported Windows editions.

What you need to do to prepare:

Set up your new Windows Autopatch policies today. For new policies, hotpatch updates will be enabled by default. Simply review and deploy them as usual.

To enable hotpatch updates on your existing policies:

Go to the Microsoft Intune admin center.
Navigate to Devices > Windows updates > Quality updates.
Select the quality update policy you wish to modify. A new screen with its properties will appear.
Select Edit in the “Settings” section.
Under “Automatic update deployment” settings, locate the option "When available, apply without restarting the device ("hotpatch")."
Toggle it to Allow.

Additional information:

Learn about hotpatch updates for Windows 11.
Learn how to enroll devices to receive hotpatch updates.
Windows Autopatch documentation.