diff --git a/windows/security/book/conclusion.md b/windows/security/book/conclusion.md
index 7a9d69992d..eab734c250 100644
--- a/windows/security/book/conclusion.md
+++ b/windows/security/book/conclusion.md
@@ -22,7 +22,7 @@ New:
- [VBS key protection](identity-protection-advanced-credential-protection.md#-vbs-key-protection)
- [Virtualization-based security enclaves](application-security-application-isolation.md#-virtualization-based-security-enclaves)
- [Win32 app isolation](application-security-application-isolation.md#-win32-app-isolation)
-- [Windows Hotpatch](cloud-services-protect-your-work-information.md#-windows-hotpatch)
+- [Windows Hotpatch](cloud-services-protect-your-work-information.md#windows-hotpatch)
- [Windows protected print](operating-system-security-system-security.md#-windows-protected-print)
Enhanced:
diff --git a/windows/security/book/features-index.md b/windows/security/book/features-index.md
index 4606a7e4a9..d128e7efa0 100644
--- a/windows/security/book/features-index.md
+++ b/windows/security/book/features-index.md
@@ -7,4 +7,4 @@ ms.date: 11/18/2024
# Features index
-[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)
[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)
[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)
[Administrator protection](application-security-application-and-driver-control.md#-administrator-protection)
[App containers](application-security-application-isolation.md#app-containers)
[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)
[Attack surface reduction rules](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction-rules)
[Azure Attestation service](cloud-services-protect-your-work-information.md#-azure-attestation-service)
[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)
[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)
[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)
[Certificates](operating-system-security-system-security.md#certificates)
[Cloud-native device management](cloud-services-protect-your-work-information.md#cloud-native-device-management)
[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)
[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)
[Config Refresh](operating-system-security-system-security.md#-config-refresh)
[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)
[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)
[Cryptography](operating-system-security-system-security.md#cryptography)
[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)
[Device Health Attestation](operating-system-security-system-security.md#device-health-attestation)
[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)
[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)
[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)
[Enhanced phishing protection in Microsoft Defender SmartScreen](identity-protection-passwordless-sign-in.md#enhanced-phishing-protection-in-microsoft-defender-smartscreen)
[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)
[Exploit Protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)
[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)
[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)
[FIDO2](identity-protection-passwordless-sign-in.md#fido2)
[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)
[Kernel direct memory access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)
[Kiosk mode](operating-system-security-system-security.md#kiosk-mode)
[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)
[Microsoft account](cloud-services-protect-your-personal-information.md#microsoft-account)
[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)
[Microsoft Cloud PKI](cloud-services-protect-your-work-information.md#microsoft-cloud-pki)
[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)
[Microsoft Defender for Endpoint](cloud-services-protect-your-work-information.md#-microsoft-defender-for-endpoint)
[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)
[Microsoft Entra ID](cloud-services-protect-your-work-information.md#-microsoft-entra-id)
[Microsoft Intune](cloud-services-protect-your-work-information.md#-microsoft-intune)
[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)
[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)
[Microsoft Privacy Dashboard](privacy-controls.md#microsoft-privacy-dashboard)
[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)
[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)
[Network protection](operating-system-security-virus-and-threat-protection.md#network-protection)
[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)
[OneDrive for work or school](cloud-services-protect-your-work-information.md#-onedrive-for-work-or-school)
[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)
[Personal Data Encryption](operating-system-security-encryption-and-data-protection.md#personal-data-encryption)
[Personal Vault](cloud-services-protect-your-personal-information.md#personal-vault)
[Privacy resource usage](privacy-controls.md#privacy-resource-usage)
[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)
[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)
[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)
[Rust for Windows](operating-system-security-system-security.md#-rust-for-windows)
[Secure Future Initiative (SFI)](security-foundation-offensive-research.md#secure-future-initiative-sfi)
[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)
[Secured-core PC and Edge Secured-Core](hardware-security-silicon-assisted-security.md#secured-core-pc-and-edge-secured-core)
[Security baselines](cloud-services-protect-your-work-information.md#security-baselines)
[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)
[Smart cards](identity-protection-passwordless-sign-in.md#smart-cards)
[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)
[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)
[Token protection (preview)](identity-protection-advanced-credential-protection.md#token-protection-preview)
[Transport Layer Security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)
[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)
[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)
[Trusted Signing](application-security-application-and-driver-control.md#-trusted-signing)
[Universal Print](cloud-services-protect-your-work-information.md#-universal-print)
[VBS key protection](identity-protection-advanced-credential-protection.md#-vbs-key-protection)
[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)
[Virtualization-based security enclaves](application-security-application-isolation.md#-virtualization-based-security-enclaves)
[Web sign-in](identity-protection-passwordless-sign-in.md#web-sign-in)
[Wi-Fi connections](operating-system-security-network-security.md#wi-fi-connections)
[Win32 app isolation](application-security-application-isolation.md#-win32-app-isolation)
[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)
[Windows Autopilot](cloud-services-protect-your-work-information.md#windows-autopilot)
[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)
[Windows enrollment attestation](cloud-services-protect-your-work-information.md#windows-enrollment-attestation)
[Windows Firewall](operating-system-security-network-security.md#windows-firewall)
[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)
[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)
[Windows Hotpatch](cloud-services-protect-your-work-information.md#-windows-hotpatch)
[Windows Insider and Microsoft Bug Bounty Programs](security-foundation-offensive-research.md#windows-insider-and-microsoft-bug-bounty-programs)
[Windows Local Administrator Password Solution (LAPS)](cloud-services-protect-your-work-information.md#windows-local-administrator-password-solution-laps)
[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)
[Windows protected print](operating-system-security-system-security.md#-windows-protected-print)
[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)
[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)
[Windows Security](operating-system-security-system-security.md#windows-security)
[Windows Software Development Kit (SDK)](security-foundation-secure-supply-chain.md#windows-software-development-kit-sdk)
[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
[Windows Update client policies](cloud-services-protect-your-work-information.md#windows-update-for-business)
\ No newline at end of file
+[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)
[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)
[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)
[Administrator protection](application-security-application-and-driver-control.md#-administrator-protection)
[App containers](application-security-application-isolation.md#app-containers)
[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)
[Attack surface reduction rules](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction-rules)
[Azure Attestation service](cloud-services-protect-your-work-information.md#-azure-attestation-service)
[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)
[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)
[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)
[Certificates](operating-system-security-system-security.md#certificates)
[Cloud-native device management](cloud-services-protect-your-work-information.md#cloud-native-device-management)
[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)
[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)
[Config Refresh](operating-system-security-system-security.md#-config-refresh)
[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)
[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)
[Cryptography](operating-system-security-system-security.md#cryptography)
[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)
[Device Health Attestation](operating-system-security-system-security.md#device-health-attestation)
[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)
[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)
[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)
[Enhanced phishing protection in Microsoft Defender SmartScreen](identity-protection-passwordless-sign-in.md#enhanced-phishing-protection-in-microsoft-defender-smartscreen)
[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)
[Exploit Protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)
[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)
[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)
[FIDO2](identity-protection-passwordless-sign-in.md#fido2)
[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)
[Kernel direct memory access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)
[Kiosk mode](operating-system-security-system-security.md#kiosk-mode)
[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)
[Microsoft account](cloud-services-protect-your-personal-information.md#microsoft-account)
[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)
[Microsoft Cloud PKI](cloud-services-protect-your-work-information.md#microsoft-cloud-pki)
[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)
[Microsoft Defender for Endpoint](cloud-services-protect-your-work-information.md#-microsoft-defender-for-endpoint)
[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)
[Microsoft Entra ID](cloud-services-protect-your-work-information.md#-microsoft-entra-id)
[Microsoft Intune](cloud-services-protect-your-work-information.md#-microsoft-intune)
[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)
[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)
[Microsoft Privacy Dashboard](privacy-controls.md#microsoft-privacy-dashboard)
[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)
[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)
[Network protection](operating-system-security-virus-and-threat-protection.md#network-protection)
[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)
[OneDrive for work or school](cloud-services-protect-your-work-information.md#-onedrive-for-work-or-school)
[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)
[Personal Data Encryption](operating-system-security-encryption-and-data-protection.md#personal-data-encryption)
[Personal Vault](cloud-services-protect-your-personal-information.md#personal-vault)
[Privacy resource usage](privacy-controls.md#privacy-resource-usage)
[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)
[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)
[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)
[Rust for Windows](operating-system-security-system-security.md#-rust-for-windows)
[Secure Future Initiative (SFI)](security-foundation-offensive-research.md#secure-future-initiative-sfi)
[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)
[Secured-core PC and Edge Secured-Core](hardware-security-silicon-assisted-security.md#secured-core-pc-and-edge-secured-core)
[Security baselines](cloud-services-protect-your-work-information.md#security-baselines)
[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)
[Smart cards](identity-protection-passwordless-sign-in.md#smart-cards)
[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)
[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)
[Token protection (preview)](identity-protection-advanced-credential-protection.md#token-protection-preview)
[Transport Layer Security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)
[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)
[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)
[Trusted Signing](application-security-application-and-driver-control.md#-trusted-signing)
[Universal Print](cloud-services-protect-your-work-information.md#-universal-print)
[VBS key protection](identity-protection-advanced-credential-protection.md#-vbs-key-protection)
[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)
[Virtualization-based security enclaves](application-security-application-isolation.md#-virtualization-based-security-enclaves)
[Web sign-in](identity-protection-passwordless-sign-in.md#web-sign-in)
[Wi-Fi connections](operating-system-security-network-security.md#wi-fi-connections)
[Win32 app isolation](application-security-application-isolation.md#-win32-app-isolation)
[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)
[Windows Autopilot](cloud-services-protect-your-work-information.md#windows-autopilot)
[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)
[Windows enrollment attestation](cloud-services-protect-your-work-information.md#windows-enrollment-attestation)
[Windows Firewall](operating-system-security-network-security.md#windows-firewall)
[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)
[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)
[Windows Hotpatch](cloud-services-protect-your-work-information.md#windows-hotpatch)
[Windows Insider and Microsoft Bug Bounty Programs](security-foundation-offensive-research.md#windows-insider-and-microsoft-bug-bounty-programs)
[Windows Local Administrator Password Solution (LAPS)](cloud-services-protect-your-work-information.md#windows-local-administrator-password-solution-laps)
[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)
[Windows protected print](operating-system-security-system-security.md#-windows-protected-print)
[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)
[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)
[Windows Security](operating-system-security-system-security.md#windows-security)
[Windows Software Development Kit (SDK)](security-foundation-secure-supply-chain.md#windows-software-development-kit-sdk)
[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
[Windows Update client policies](cloud-services-protect-your-work-information.md#windows-update-for-business)
diff --git a/windows/security/book/includes/windows-hotpatch.md b/windows/security/book/includes/windows-hotpatch.md
index a417cec5fd..a4b55ccee3 100644
--- a/windows/security/book/includes/windows-hotpatch.md
+++ b/windows/security/book/includes/windows-hotpatch.md
@@ -1,16 +1,21 @@
---
-author: paolomatarazzo
-ms.author: paoloma
-ms.date: 12/11/2024
+author: nikideshpande
+ms.author: nidesh
+ms.date: 27/06/2025
ms.topic: include
---
-## :::image type="icon" source="../images/soon-button-title.svg" border="false"::: Windows Hotpatch
+## Windows Hotpatch
-Windows Hotpatch is a feature designed to enhance security and minimize disruptions. With Windows Hotpatch, organizations can apply critical security updates without requiring a system restart, reducing the time to adopt a security update by 60% from the moment the update is offered. Hotpatch updates streamline the installation process, enhance compliance efficiency, and provide a per-policy level view of update statuses for all devices.
+Windows Hotpatch is a feature designed for immediate security compliance and minimized disruptions. With Windows Hotpatch, organizations can apply critical security updates without requiring a system restart, reducing the time to adopt a security update by 60% from the moment the update is offered. Hotpatch updates streamline the installation process, enhance compliance efficiency, and provide a per-policy level view of update statuses for all devices. Importantly, delays in organizational security compliance due to update deferrals or postponements are eliminated with Hotpatch updates, ensuring timely and consistent deployment across the tenant.
-By utilizing hotpatching through Windows Autopatch, the number of system restarts for Windows updates can be reduced from 12 times a year to just 4, ensuring consistent protection and uninterrupted productivity. This means less downtime, a streamlined experience for users, and a reduction in security risks. This technology, proven in the Azure Server environment, is now expanding to Windows 11, offering immediate security from day one without the need for a restart.
+By utilizing hotpatching through Windows Autopatch, the number of system restarts for Windows updates can be reduced from 12 times a year to just 4. This means less downtime, a streamlined experience for users, and a reduction in security risks. By addressing security vulnerabilities immediately—without compromising user productivity or system availability—Hotpatch ensures that enterprise environments remain secure, compliant, and operationally efficient. This technology, proven in the Azure Server environment, is now also available for Windows 11 client devices enrolled in Windows Autopatch.
[!INCLUDE [learn-more](learn-more.md)]
+- [Windows Hotpatch documentation](/windows/deployment/windows-autopatch/manage/windows-autopatch-hotpatch-updates)
+- [Hotpatch Frequently Asked Questions](https://techcommunity.microsoft.com/blog/windows-itpro-blog/hotpatch-for-client-frequently-asked-questions/4413582)
+- [Hotpatch User Readiness Guide](https://support.microsoft.com/topic/understanding-security-updates-that-get-installed-without-a-restart-b122787e-9a54-48c3-8a7a-6e3b23ee05d6)
+- [Windows 11 Hotpatch Release Calendar](/windows/release-health/windows11-release-information#windows-11-current-versions-by-servicing-option)
- [Windows Autopatch documentation](/windows/deployment/windows-autopatch/)
+- [Hotpatch for Windows Server](/windows-server/get-started/hotpatch)