Microsoft officially announced that Windows 11 will enable hot patch updates by default starting in May

Microsoft recently announced that starting in May 2026, the Windows Autopatch enterprise hosting service will enable the hotpatch security update mechanism by default.Eligible Windows PCs can complete patch installation without restarting, solving the long-term problem of conflict between update deployment and business continuity faced by enterprise IT administrators.

Windows Autopatch is an automated update management service for enterprise customers. It supports IT administrators to ensure the health and compliance of terminal devices through phased deployment strategies and quickly roll back when updates are abnormal.

Previously, security updates had to wait for the device to restart after being pushed to take effect, while hot patches can install updates instantly while the system is running, without restarting the computer.

According to the official plan, starting from April 1, 2026, all devices that meet the hardware preset conditions and have installed the April security update will enter the hot patch preparation stage.

April will be used as the base month. After the system completes the last baseline update and restarts, new security updates starting from May will be released in the form of hot patches.

Microsoft said that enabling hot patches is "the fastest way to get security protection for devices" and it is recommended that enterprises keep it enabled by default.

If you are not yet ready, IT administrators can opt out of hot patch updates through settings between April 1 and May 11, 2026, or configure them individually for specific device groups.