Monday, April 15, 2024

Some Windows 11 updates may soon install without reboots


A reboot is required after the installation of many updates for Windows. This is definitely the case for the monthly cumulative security updates, but also for other updates. Windows 11 displays popups to the user when a restart is required, which can be disruptive.

Sometimes, Windows may even restart the computer automatically, which can lead to data loss and other unwanted outcomes. At other times, it may not give the user a choice to reboot without installing the update.

The next version of Windows 11, which is called Windows 11 2024 Update, may reduce the number of update reboots significantly.

Hot Patching is the answer

Microsoft is testing a new feature, which it calls Hot Patching. This is not a new technology, as Microsoft is using Hot Patching already in some Server products.

As it stands, Hot Patching may reduce the number of update reboots to four per year. Right now, Microsoft releases a security update each month. Each of these requires a reboot. Then there is the feature update release, which also requires a reboot. Other updates, like critical security updates for 0-day issues, also require reboots.

Hot Patching relies on baseline updates. These are released every quarter, and these continue to require restarts.

Microsoft explains Hot Patching on the linked support page:

It works by patching the in-memory code of running processes without the need to restart the process

Hot Patching has a number of benefits according to Microsoft, including faster update installations and less resource usage during installs, improved protections and security risks, and less impact on workloads.

As for security, hot-patched systems are protected the moment the patch is installed. Traditional updates may take effect only after the system has been rebooted.

Integrated in Windows 11 builds already

The latest Windows 11 Dev Channel build, which is build 26058, supports the functionality. After installation of the build, users should see the new build string ge_release_svc_hotpatch_prod1.240211-0859.

Virtualization-based Security

Hot patching requires a PC with Virtualization Based Security enabled. One way of checking whether the technology is enabled on a Windows PC is the following:

  • Open the Start Menu.
  • Type System Information.
  • Run the System Information result.
  • Scroll down the System Summary section in the program window that opens until you find the Virtualization-based Security entry.
  • Check it if says “Running” or “Not Enabled”.

Closing Words

Hot Patching is in development right now. If it lands, it will reduce the number of reboots after updates. Hot Patching won’t eliminate the need to reboot after updates. Besides baseline updates, there may also be other update releases that may require a reboot. These can be critical security updates, driver updates, and other types of updates that require it.

There is one caveat; it is unclear, at this point, if all editions of Windows 11 will get Hot Patching support. It is possible that the functionality is artificially limited to Windows 11 Education and Enterprise, and Windows 365.

Image credit: monkeybusiness/

Read more

Local News