Microsoft Windows Autopatch defaults hotpatch security updates for managed Windows devices

Security Tool/Service
Happening score
H score 10
1 unique source, 1 article

Summary

Microsoft is making hotpatch security updates the default for eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, reducing restart-driven exposure windows for enterprise fleets. The change takes effect with the May 2026 Windows security update and can be opted out of at the tenant level. Microsoft says the shift should also cut the time to reach 90% patch compliance and expands a service already running on more than 10 million production devices.

Related Happenings

Microsoft Windows 11 KB5089549 cumulative update

Security Patch Release
First: 18.05.2026 11:33 Last: 18.05.2026 11:33 Sources 1

About this happening: Microsoft's **KB5089549** **Windows 11** security update is failing to install on some systems, forcing affected devices to roll back during reboot. The problem is tied to a nearl...

Azure Backup for AKS Trusted Access permission tightening

Security Patch Release
First: 16.05.2026 23:55 Last: 16.05.2026 23:55 Sources 1

About this happening: **Microsoft** appears to have silently tightened **Azure Backup for AKS**, closing a **Trusted Access** authorization path that could let a low-privileged role reach **cluster-adm...

Microsoft adds Cloud-Initiated Driver Recovery for Windows Update driver rollbacks

Security Tool/Service
First: 15.05.2026 15:29 Last: 15.05.2026 15:29 Sources 1

About this happening: Microsoft is adding **Cloud-Initiated Driver Recovery** to **Windows Update**, giving it a remote rollback control for **problematic Windows drivers**. The capability reduces how...

Microsoft Exchange CVE-2026-42897 mitigation advisory

Advisory/Mitigation
First: 15.05.2026 12:40 Last: 15.05.2026 12:40 Sources 1

About this happening: **Microsoft** issued immediate mitigation guidance for **CVE-2026-42897**, reducing risk for **Exchange Server 2016, 2019, and Subscription Edition (SE)** on-premises servers that...

Latest development: 15.05.2026 15:35

Microsoft issued temporary mitigation guidance for CVE-2026-42897 while a patch is still in development, recommending the Exchange Emergency Mitigation (EM) Service, which is enabled by default and can be checked with the Exchange Health Checker script, or the Exchange On-premises Mitigation Tool (EOMT) for disconnected or air-gapped environments. Microsoft noted that the mitigations can disrupt features such as OWA Print Calendar and Inline images, and that servers older than March 2023 cannot receive new mitigations through EM Service.

Microsoft Windows Autopatch fix for EU restricted driver update deployment bug

Security Tool/Service
First: 13.05.2026 17:36 Last: 13.05.2026 17:36 Sources 1

About this happening: **Microsoft** fixed a **Windows Autopatch** service bug that let **restricted driver updates** reach some managed devices in the **EU**, bypassing admin approval controls and crea...

Timeline

  1. 10.03.2026 12:35 2 articles

    Microsoft announces default hotpatch security updates for managed Windows devices

    Initial Disclosure

    Microsoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security update. Windows Autopatch will deliver the updates, and Microsoft estimates the change will halve the time to reach 90% patch compliance.

  2. 10.03.2026 12:35 1 article

    Microsoft Intune hotpatch tenant controls go live on April 1, 2026

    Mitigation Patch Update

    Microsoft Intune tenant controls for hotpatch updates go live on April 1, 2026, letting organizations set the tenant policy to Allow or Block and scope hotpatch behavior for specific devices. Admins can use the Hotpatch quality updates report in Intune to verify that devices have installed the April 2026 baseline update and meet the prerequisites for May hotpatch updates.

  3. 10.03.2026 12:35 1 article

    Hotpatch readiness deadline arrives before May 11, 2026 deployment

    Mitigation Patch Update

    Microsoft gives administrators until May 11, 2026 to review device readiness and adjust settings before hotpatch updates are deployed. April 2026 is the baseline month, and Windows Autopatch will then deliver the security fixes to eligible managed Windows devices without requiring a restart.
