Microsoft Windows Autopatch defaults hotpatch security updates for managed Windows devices
Security Tool/Service
Summary
Hide ▲
Show ▼
Microsoft is making hotpatch security updates the default for eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, reducing restart-driven exposure windows for enterprise fleets. The change takes effect with the May 2026 Windows security update and can be opted out of at the tenant level. Microsoft says the shift should also cut the time to reach 90% patch compliance and expands a service already running on more than 10 million production devices.
Related Happenings
Microsoft extends Windows Server 2022 Hotpatch support through October 2027 for enrolled Azure Edition servers
Security Tool/Service
H score11
First: 29.06.2026 20:11
Last: 29.06.2026 20:11
Sources 1
About this happening:
Microsoft has extended **Windows Server 2022 Hotpatch** support through **October 2027**, preserving **monthly security updates without restarts** for enrolled servers and reducin...
Microsoft extends Windows Server 2022 Hotpatch support through October 2027 for enrolled Azure Edition servers
Security Tool/ServiceAbout this happening: Microsoft has extended **Windows Server 2022 Hotpatch** support through **October 2027**, preserving **monthly security updates without restarts** for enrolled servers and reducin...
Microsoft extends Windows 10 ESU consumer coverage through October 2027
Security Tool/Service
H score11
First: 25.06.2026 21:29
Last: 25.06.2026 21:29
Sources 1
About this happening:
**Microsoft** quietly extended the **Windows 10 Extended Security Updates (ESU)** program for **personal devices** by **one additional year**, keeping critical security update cov...
Microsoft extends Windows 10 ESU consumer coverage through October 2027
Security Tool/ServiceAbout this happening: **Microsoft** quietly extended the **Windows 10 Extended Security Updates (ESU)** program for **personal devices** by **one additional year**, keeping critical security update cov...
Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)
Security Patch Release
H score40
First: 10.06.2026 12:57
Last: 10.06.2026 12:57
Sources 1
About this happening:
**Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.
Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)
Security Patch ReleaseAbout this happening: **Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.
Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes
Security Patch Release
H score15
First: 10.06.2026 02:11
Last: 10.06.2026 02:11
Sources 1
About this happening:
**Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...
Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes
Security Patch ReleaseAbout this happening: **Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/Service
H score10
First: 08.06.2026 09:08
Last: 08.06.2026 09:08
Sources 1
About this happening:
**Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
Visual Studio Code adds two-hour delay for automatic extension updates
Security Tool/ServiceAbout this happening: **Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...
Timeline
-
10.03.2026 12:35 2 articles · 4mo ago
Microsoft announces default hotpatch security updates for managed Windows devices
Initial DisclosureMicrosoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security update. Windows Autopatch will deliver the updates, and Microsoft estimates the change will halve the time to reach 90% patch compliance.
Show sources
- Microsoft to enable Windows hotpatch security updates by default — www.bleepingcomputer.com — 10.03.2026 12:35
- Microsoft to enable Windows hotpatch security updates by default — www.bleepingcomputer.com — 10.03.2026 12:35
-
10.03.2026 12:35 1 articles · 4mo ago
Microsoft Intune hotpatch tenant controls go live on April 1, 2026
Mitigation Patch UpdateMicrosoft Intune tenant controls for hotpatch updates go live on April 1, 2026, letting organizations set the tenant policy to Allow or Block and scope hotpatch behavior for specific devices. Admins can use the Hotpatch quality updates report in Intune to verify that devices have installed the April 2026 baseline update and meet the prerequisites for May hotpatch updates.
Show sources
- Microsoft to enable Windows hotpatch security updates by default — www.bleepingcomputer.com — 10.03.2026 12:35
-
10.03.2026 12:35 1 articles · 4mo ago
Hotpatch readiness deadline arrives before May 11, 2026 deployment
Mitigation Patch UpdateMicrosoft gives administrators until May 11, 2026 to review device readiness and adjust settings before hotpatch updates are deployed. April 2026 is the baseline month, and Windows Autopatch will then deliver the security fixes to eligible managed Windows devices without requiring a restart.
Show sources
- Microsoft to enable Windows hotpatch security updates by default — www.bleepingcomputer.com — 10.03.2026 12:35