MC1107364: Hotpatching now enabled by default for new Windows quality update policies
Newly created Windows quality update policies now have hotpatch updates enabled by default to streamline policy creation. When will this happen: This feature is now available for all Windows Autopatch users. How this will affect your organization: Organizations using Windows Autopatch will benefit from faster security compliance and reduced downtime for devices running supported Windows editions. What you need to do to prepare: Create your new Windows Autopatch quality update policies today, with hotpatch enabled by default, to ensure your organization starts receiving hotpatches as early as August 2025. For new policies, hotpatch updates will be enabled by default. Just review and deploy them as usual.To create a new quality update policy, follow the steps here:
- Go to the Microsoft Intune admin center.
- Navigate to Devices > Windows updates > Quality updates.
- Select Create, and select Windows quality update policy.
- Under the Basics section, enter a name for your new policy and select Next.
- Under the Settings section, "When available, apply without restarting the device ("Hotpatch") will be set to Allow.
- Select the appropriate Scope tags or leave as Default. Then, select Next.
- Assign the devices to the policy and select Next.
- Review the policy and select Create.
To enable hotpatch updates on your existing quality update policies, follow the steps here:
- Go to the Microsoft Intune admin center.
- Navigate to Devices > Windows updates > Quality updates.
- Select the quality update policy you wish to modify. A new screen with its properties will appear.
- Select Edit in the “Settings” section.
- Under “Automatic update deployment” settings, locate the option "When available, apply without restarting the device ("hotpatch")."
- Toggle it to Allow.
Additional information:
- Learn about hotpatch updates for Windows 11.
- Learn how to enroll devices to receive hotpatch updates.
- Read Windows Autopatch documentation.