Microsoft has officially announced the general availability of hotpatching for 64-bit Arm (Arm64) architecture on Windows 11, version 24H2. This enables security patches to be applied without system restarts, significantly reducing downtime and making devices more secure.
Advertisеment
Hotpatching was first introduced for x64-based devices (Intel and AMD) in April 2025 and has since seen widespread adoption across millions of devices and thousands of enterprise customers. Following positive industry feedback and successful implementation on traditional architectures, Microsoft is now extending this capability to support a wide range of client hardware powered by Arm64 processors.
The benefits of hotpatching include faster compliance with security standards, minimized service interruptions, smaller update payloads, and centralized management via Microsoft Intune and Windows Autopatch. These features valuable in large-scale deployments.
Prerequisites
To enable hotpatching on Arm64 devices, organizations must meet specific prerequisites. Devices must be running Windows 11 Enterprise, version 24H2 (Build 26100.2033 or later), with Virtualization-Based Security (VBS) enabled and enrolled in a hotpatch-capable quality update policy via Microsoft Intune. Additionally, Compiled Hybrid PE (CHPE), a compatibility layer for x86 emulation, must be disabled to ensure proper application of hotpatch updates.
Disabling CHPE can be done through either a Configuration Service Provider (CSP) setting or a registry key configuration. While disabling CHPE does not prevent x86 applications from running in emulation mode, organizations are advised to test the change in their environments before rolling it out broadly to mitigate any potential performance impacts.
Customers are encouraged to modernize their update strategies by adopting hotpatching as soon as the next hotpatch release cycle. For detailed instructions on preparing Arm64 devices for hotpatching and enrolling them into compatible update policies, refer to the official documentation: Enroll devices to receive hotpatch updates.
You will find advanced details in the official announcement.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
