Hi,let’s discuss How to Implement Windows 11 Hotpatching using Intune. First this new enhancement is announced through the Ignite event. There it was announced that Microsoft will test hotpatching updates for Windows 11 24H2 and Windows 365. Also in the event, Microsoft announced the new enchantment for Windows 11 users.
This new feature called Hotpatching, is now in preview for Windows 1124H2 and Windows 365 users. It will be one of the best improvements, and many users’ wishes are about to come true. As we all know, system updates are significant for the system and its users.
One primary reason for updates is to fix security vulnerabilities, so we can’t skip this for better performance and productivity. Do you know when the Hotpatch updates will help users? The updates do not affect any users’ workflows.
Microsoft removed the restart option after updates with the help of Hotpatching. It is a method that applies security updates immediately without interrupting user workflows, and it is entirely different from traditional updates. So, let’s look into Hot Patch on Windows 11 24H2.
Table of Contents
What are the Hotpatching Benefits?
The main benefit of Hotpatching is that there is no need to reboot the system after the update, which is a compulsory process in traditional updates. Also, the user gets a smooth workflow during the ongoing updates. It may reduce the necessary reboots and allow users to focus on their Work.
Who can use Windows Hotpatching
What Microsoft 365 licenses offer Hotpatching?
Hotpatching is available with certain Microsoft 365 licenses, like A3+, E3+, and F3. These plans provide advanced features that improve security, system uptime, and update efficiency. With hotpatching, Windows updates happen in memory, reducing downtime and minimizing security risks.
How to Implement Windows 11 Hotpatching using Intune
Above, we discussed an overall view on Microsoft’s Announcement That Hot Patching on Windows 11 24H2 is and Windows 365. Microsoft has announced that a new hotpatching feature is now available in the preview for Windows 365 and Windows 11 Enterprise 24H2 client devices.
In the Ingnite Event 2024, Mr Lior Bela and Rob York discussed this announcement. They mainly discussed Intune Cloud-native Management, Prepare for AI and Next-Gen Cloud PCs. In that topic, they discussed the Hotpatch update, which they explained very well with demos.
Before Hotpatch Update | After Hotpatch Update |
---|---|
The Traditional updates will be downloaded and installed; a restart is required to complete the installation. | Hot patching lets Windows install security updates in the background without needing to restart |
With Traditional updates, users may experience interruptions when they need to restart. It will affect the user’s task. | Hotpatch Update doesn’t make any interruptions during the ongoing tas of users. |
- Fix File Explorer Menu Appear Outside Screen Issue for Windows 11 24H2
- Best Way for Windows 11 24H2 Upgrade using Intune and Windows Update for Business WUfB Deployment
- Windows 11 24H2 Monthly Patching Got Faster Installation Reboot and Less CPU usage with new Client Servicing Stack
Before Hotpach
hot patch updates focus only on security fixes and don’t include any new features. The key benefit is that these updates take effect immediately without restarting your device. In the first month of each quarter, devices will get an update, including the latest security patches, new features, and improvements.
- When we get Updates, we update them immediately.
- When clicking on the Check for the update option, our system starts downloading Updates for our system.
- We know the critical part of this installation.
- After completing the installation, the system needs a Reboot.
- This is very frustrating because restarting is not a good option for users, especially during critical tasks or meetings.
After Hotpach
This update does not change anything on your device, and it’s completely different from traditional Hotpatch, which removes the restart option after the update. In the case of Hotpach, the update eliminates the need for frequent reboots, allowing users to continue working without interruptions. After the update, the user receives a green notification confirming the update was completed.
Hotpatch Supporting Devices |
---|
Devices must be on the latest baseline release version to qualify for Hotpatch updates. |
Devices must be running Windows 11 24H2 Build 26100.2033 or later |
VBS must be enabled for secure Hotpatch updates installation. |
Windows 365 and Azure Virtual Desktop (AVD), including Windows 11 Multi-Session. |
How to Enable the Hotpatch policy Through Intune
You can easily enable the hot patch policy through the end for that first. You must sign in to the admin portal and navigate through the Devices> Windows updates (under the manage update) option.
When you click on the Windows update, you will get an option to create a policy. Click on that, and you will get 2 options. Windows quality update policy preview and expedite policy. Click on the Windows quality update policy preview.
Basics
To create a policy, start by entering the Basic details, including the name and description. Then, click on “Next.” for an example I have named this policy Windows Hotpatching.
Settings
After completing the basic steps, navigate to the settings tab. Here, enable the policy titled “When available, apply without restarting the device (hotpatch).” To enable it, toggle the switch from left to right. Once you have made these adjustments, click on Next.
Note: Next, you’ll need to go through the scope tags. This step is mandatory, so I skipped this section, so you don’t need to take any action there.
Assignments
After the scope tag section, you will now proceed to the important section known as “Assignments.” In this section, you can assign devices to the policy. You will see an option to “Add Group.” Click on this option, select the group you want to assign to the policy, and then click Next.
Review+Create
The final session is a Review + Create option. This acts as a summary page where you can review all the information you provided, including the basics and settings. Once you have checked everything, you can finalize the policy by clicking the “Create” option.
- Your Hotpatch policy is now created, ready for use.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Pad and Telegram group to get the latest step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP from 2015 onwards for 10 consecutive years! He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is also a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.