Microsoft Overhauls Windows Update with Hotpatching, Unified Platform, and Driver Cleanup
Microsoft is undertaking a significant overhaul of its Windows Update service, introducing a trio of major changes poised to redefine the update experience for users and IT professionals alike. The initiative focuses on minimizing disruptive reboots through "hotpatching," centralizing all software updates under a "unified update platform," and enhancing system security and stability by systematically removing legacy drivers.
The End of the Reboot? Hotpatching Arrives for Windows 11 and Windows Server
A long-standing frustration for Windows users, the mandatory system restart after most updates, is being addressed with the introduction of hotpatching technology. This feature allows for the application of security patches directly to the in-memory code of running processes, eliminating the need for a reboot in many instances. This innovation promises to significantly improve user workflow and productivity by reducing interruptions.
For Windows 11 Enterprise users, hotpatching is now available for version 24H2 on both x64 and ARM64 devices. This feature is included with specific enterprise and education licenses, such as Windows 11 Enterprise E3/E5, Microsoft 365 F3, and Microsoft 365 Business Premium. The system operates on a quarterly cycle, with a standard cumulative "baseline" update requiring a reboot at the beginning of each quarter, followed by two months of reboot-less hotpatch updates for security fixes. To be eligible, devices must have Virtualization-Based Security (VBS) enabled and be managed through Microsoft Intune with a hotpatch-enabled policy.
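The prerequisites above (24H2 on x64 or ARM64, VBS running, Intune management) can be checked from the device itself before an administrator assigns a hotpatch policy. The following PowerShell is an added example written for this summary, not Microsoft's tooling: it relies on the documented Win32_OperatingSystem and Win32_DeviceGuard CIM classes and on build 26100 being the 24H2 baseline; the Intune check only looks for an MDM enrollment URL in dsregcmd output and is a heuristic, since the article names no specific policy setting.

```powershell
# Added example (not from the article): report whether this Windows 11 client
# meets the hotpatch prerequisites described above. Run from an elevated session.

function Get-HotpatchReadiness {
    $os    = Get-CimInstance -ClassName Win32_OperatingSystem
    $build = [int]$os.BuildNumber
    $arch  = $env:PROCESSOR_ARCHITECTURE          # AMD64 or ARM64 on eligible hardware

    # Win32_DeviceGuard exposes the VBS state:
    # 0 = not enabled, 1 = enabled but not running, 2 = running
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName Win32_DeviceGuard
    $vbsRunning = ($dg.VirtualizationBasedSecurityStatus -eq 2)

    # Heuristic (assumption): an Intune-enrolled device shows an MdmUrl in dsregcmd /status.
    # Confirm the hotpatch policy assignment itself in the Intune admin center.
    $mdmEnrolled = [bool](dsregcmd.exe /status | Select-String -Pattern 'MdmUrl\s*:\s*\S+')

    $result = [pscustomobject]@{
        Edition       = $os.Caption          # hotpatch needs an Enterprise/E3/E5-class license
        Build         = $build
        Is24H2OrLater = ($build -ge 26100)   # 26100 = Windows 11 24H2 baseline build
        Architecture  = $arch
        ArchSupported = ($arch -in 'AMD64', 'ARM64')
        VbsRunning    = $vbsRunning
        MdmEnrolled   = $mdmEnrolled
    }
    $result | Add-Member -NotePropertyName Eligible -NotePropertyValue (
        $result.Is24H2OrLater -and $result.ArchSupported -and $result.VbsRunning -and $result.MdmEnrolled
    )
    return $result
}

# Usage: list the readiness fields, then the most recent installed updates so the
# reboot-requiring baseline can be told apart from the monthly hotpatch releases.
Get-HotpatchReadiness | Format-List
Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 3 HotFixID, InstalledOn
```

A device that reports VbsRunning as $false will keep receiving the ordinary cumulative updates with a restart; enabling VBS (and rebooting once) is the usual first fix, and licensing is verified on the Intune side rather than by anything the client can report locally.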
In contrast, hotpatching for on-premises Windows Server 2025 will be offered as a paid subscription service. Starting July 1, 2025, administrators will need to connect their servers to Azure Arc and pay a monthly fee of $1.50 per CPU core to enable this functionality. While the feature was available for free during a preview period, the move to a subscription model has sparked debate, with some critics arguing it creates a two-tiered system for security. Like the client version, hotpatching on Windows Server will follow a cycle of baseline updates requiring reboots and subsequent hotpatch releases that do not.
A Single Hub for All Updates: The Unified Update Platform
Microsoft is also moving to consolidate the fragmented landscape of software updates with its new "Windows Update orchestration platform." Currently in private preview, this platform aims to centralize updates for the operating system, drivers, and even third-party applications.
The goal is to provide a single, intelligent system for managing all updates, which will offer benefits for both users and developers. For users, it means a more streamlined experience, with a centralized location to view update history and manage all software updates. The platform will also intelligently schedule updates based on factors like user activity and power connection to minimize disruptions.
Developers will be able to integrate their applications, whether they are MSIX, APPX, or traditional Win32 programs, with the orchestration platform using WinRT APIs and PowerShell commands. This will allow their applications to leverage Windows Update's native notifications and scheduling capabilities.
Cleaning House: The Removal of Legacy Drivers
To bolster system security and improve driver quality, Microsoft has begun a strategic initiative to periodically remove legacy drivers from the Windows Update catalog. The initial focus is on older drivers that already have newer, more reliable replacements available.
Microsoft's process involves "expiring" these drivers by removing their audience assignment in the Hardware Development Center, which prevents them from being offered to any systems via Windows Update. Hardware partners will be given a six-month window to voice any concerns before a driver is permanently removed. Partners can also request to republish an expired driver if they can provide a valid business justification.
While this move is expected to enhance the overall security and stability of the Windows ecosystem, it has raised some concerns for users of older hardware who may rely on these legacy drivers. If a manufacturer no longer hosts an older driver on its own website and it is removed from Windows Update, it could become difficult for users to find and install it. Microsoft has stated that this will be a routine cleanup process and will expand to include more driver categories in the future.
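For users and administrators of older hardware, the practical mitigation is to keep a local copy of the third-party driver packages already installed before any of them are expired from the catalog. The script below is an added example for this summary, not Microsoft's own process: it assumes an elevated PowerShell session with the built-in DISM module, uses Get-WindowsDriver -Online (which lists only non-inbox packages) and pnputil /export-driver, and the backup path and age threshold are placeholders to adjust.

```powershell
# Added example (not from the article): inventory and export the third-party driver
# packages installed on this machine so they survive removal from Windows Update.
# Assumes an elevated session; $Destination is a placeholder path.

function Export-InstalledThirdPartyDrivers {
    param([string]$Destination = 'C:\DriverBackup')   # placeholder, change as needed
    New-Item -ItemType Directory -Path $Destination -Force | Out-Null

    # Without -All, Get-WindowsDriver -Online returns only oemNN.inf (non-inbox) packages
    $drivers = Get-WindowsDriver -Online | Sort-Object ProviderName, ClassName

    # Keep a CSV inventory next to the exported packages for later auditing
    $drivers |
        Select-Object Driver, OriginalFileName, ProviderName, ClassName, Date, Version |
        Export-Csv -Path (Join-Path $Destination 'driver-inventory.csv') -NoTypeInformation

    # pnputil copies each package (INF plus its binaries) into its own subfolder
    pnputil.exe /export-driver * $Destination | Out-Null
    return $drivers
}

# Flag packages older than a threshold as the ones most likely to be expired first;
# the age cutoff is an arbitrary placeholder, not a value Microsoft has published.
function Get-AgingDrivers {
    param([int]$YearsOld = 8)
    $cutoff = (Get-Date).AddYears(-$YearsOld)
    Get-WindowsDriver -Online |
        Where-Object { $_.Date -lt $cutoff } |
        Select-Object Driver, OriginalFileName, ProviderName, ClassName, Date, Version
}

# Usage: back everything up, then review the oldest packages with the hardware vendor.
$exported = Export-InstalledThirdPartyDrivers
"Exported $($exported.Count) third-party driver package(s)."
Get-AgingDrivers | Format-Table -AutoSize
```

If a driver later disappears from the catalog and from the vendor's site, the exported folder can be re-imported with pnputil /add-driver pointed at the saved INF files; because the exported packages keep their original signatures, Windows still enforces driver signing on reinstall, so unsigned or tampered copies are rejected rather than silently loaded.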