deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-27 00:03:45 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge pull request #10735 from tiaraquan/ap-updates-040125

Browse Source 
Hotpatch GA
This commit is contained in:
Tiara Quan
2025-04-02 08:07:04 -07:00
committed by GitHub
parent 53a40a7da0 538894a868
commit 7492b90884
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates.md
View File

@ -1,7 +1,7 @@
---
title: Hotpatch updates
description: Use Hotpatch updates to receive security updates without restarting your device
ms.date: 03/31/2025
ms.date: 04/02/2025
ms.service: windows-client
ms.subservice: autopatch
ms.topic: how-to
@ -15,10 +15,7 @@ ms.collection:
- tier1
---
# Hotpatch updates (public preview)
> [!IMPORTANT]
> This feature is in public preview. It's being actively developed and might not be complete. They're made available on a "Preview" basis. You can test and use these features in production environments and scenarios and provide feedback.
# Hotpatch updates
Hotpatch updates are designed to reduce downtime and disruptions. Hotpatch updates are [Monthly B release security updates](/windows/deployment/update/release-cycle#monthly-security-update-release) that install and take effect without requiring you to restart the device. By minimizing the need to restart, these updates help ensure faster compliance, making it easier for organizations to maintain security while keeping workflows uninterrupted.
@ -52,7 +49,10 @@ To prepare a device to receive Hotpatch updates, configure the following operati
VBS must be turned on for a device to be offered Hotpatch updates. For information on how to set and detect if VBS is enabled, see [Virtualization-based Security (VBS)](/windows/security/hardware-security/enable-virtualization-based-protection-of-code-integrity?tabs=security).
### Arm 64 devices must disable compiled hybrid PE usage (CHPE) (Arm 64 CPU Only)
### Arm 64 devices must disable compiled hybrid PE usage (CHPE) (Arm 64 CPU Only) (Public preview)
> [!IMPORTANT]
> **Arm 64 devices are in public preview**. It's being actively developed and might not be complete. They're made available on a "Preview" basis. You can test and use these features in production environments and scenarios and provide feedback.
This requirement only applies to Arm 64 CPU devices when using Hotpatch updates. Hotpatch updates aren't compatible with servicing CHPE OS binaries located in the `%SystemRoot%\SyChpe32` folder. To ensure all the Hotpatch updates are applied, you must set the CHPE disable flag and restart the device to disable CHPE usage. You only need to set this flag one time. The registry setting remains applied through updates. To disable CHPE, create and/or set the following DWORD registry key:
Path: `HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management`