Windows Server is making a major security upgrade that should help prevent future hacks

An abstract image of a lock against a digital background, denoting cybersecurity.
(Image Credit: TheDigitalArtist / Pixabay) (Image credit: Pixabay)

‘Hotpatching’ - the ability to install important patches without needing to restart the endpoint - is coming to Windows Server 2025.

The news was confirmed on the Windows blog late last week, when Windows Server Director of Product, Hari Pulapaka, announced the feature in preview.

“You asked and we delivered: Standard and Datacenter edition server hotpatching - security updates without reboots - is ready for your evaluation in Windows Server 2025 Azure Arc-enabled Hotpatch public preview,” the blog reads. “This feature will be a game changer; simpler change control, shorter patch windows, easier orchestration… and you may finally get to see your family on the weekends.”

General availability soon

Being able to install important updates without the need to restart the device is a big deal, since the patches will be deployed faster, with fewer resources used. Furthermore, fewer reboots also mean less workload impact, and better security.

"Instead of 12 mandatory reboots a year on 'Patch Tuesday,' you'll now only have quarterly scheduled reboots (with the rare possibility of reboots being required in a nominal Hotpatch month)," Pulapaka added.

The feature will be available through Azure Arc, which will enable management and allow the Windows Server internal licensing service for Hotpatch to run and deliver updates to users.

"When Windows Server 2025 becomes generally available, you will be able to run the edition you want, where you want - whether on-prem, in Azure, or elsewhere," Pulapaka concluded.

"You'll have an option to hotpatch Windows Server 2025 physical servers or virtual machines, and those VMs can run on Hyper-V, VMware, or anywhere else that supports Microsoft's protection-focused Virtualization Based Security standard."

Those interested in enabling the Hotpatching feature on their Windows Server 2025 Datacenter and Standard edition evaluation machines should activate the service through the built-in Azure Arc agent setup. They also need to run Windows Server 2025 Datacenter evaluation, Virtualization Based Security, have the KB5040435 July Security update installed, and connected to Azure Arc.

More from TechRadar Pro

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.