Windows Server Hotpatch

Windows Hotpatch is a new Azure feature allowing supported Windows servers to receive updates that do not require a reboot to install completely, removing the need for monthly reboots and increasing your server uptime greatly.

Requirements

To utilise Windows Hotpatch, at the moment, you must be running Windows Server 2022 Datacenter Azure Edition Core. The supported operating system builds can be found here.

How it works

There are three types of updates that can take place with Windows Hotpatch:

  • Planned baseline – these occur every 3 months and require a reboot. They are the regular Cumulative Updates which include all of the Critical and Security updates required for that Operating System.
  • Unplanned baseline – these are released when there are important updates, such as critical/zero-day patches that cannot be released as a Hotpatch. If an unplanned baseline is released it will replace the Hotpatch release for that month. They also include all of the rolled up Critical and Security updates, hence the name baseline.
  • Hotpatches – these occur on the months between a planned or unplanned baseline and contain security updates. They do not require a reboot to complete the update installation.

To illustrate how this might look, below is an example schedule.

Hotpatch schedule

The number of unplanned baselines is not a set amount, obviously the fewer the better as that means less server reboots.

Hotpatch will install Critical and Security updates automatically after they are released. Once it is enabled you don’t need to do anything. Updates will be installed and the server rebooted where necessary during the off-peak hours of that VMs time zone.

Create a Virtual Machine with Hotpatch

When creating your VM, if you’ve selected the correct operating system you’ll get the option to enable Hotpatch on the Management tab.

Where to enable hotpatch

To view the status of Hotpatch, click on “Updates” and then “Go to Hotpatch”.

How to view Hotpatch status

From this page you can see the update status of the VM.

Hotpatch status for a VM

The official Microsoft documentation can be found here:
Hotpatch for Windows Server Azure Edition | Microsoft Docs