Find notable cyber news and cases, enriched with sources, timelines, and signals.

Microsoft Windows Autopatch defaults hotpatch security updates for managed Windows devices

Security Tool/Service
First reported
Last updated
Happening score
H score 11
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft is making hotpatch security updates the default for eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, reducing restart-driven exposure windows for enterprise fleets. The change takes effect with the May 2026 Windows security update and can be opted out of at the tenant level. Microsoft says the shift should also cut the time to reach 90% patch compliance and expands a service already running on more than 10 million production devices.

Related Happenings

Microsoft extends Windows Server 2022 Hotpatch support through October 2027 for enrolled Azure Edition servers

Security Tool/Service
H score11 First: 29.06.2026 20:11 Last: 29.06.2026 20:11 Sources 1

About this happening: Microsoft has extended **Windows Server 2022 Hotpatch** support through **October 2027**, preserving **monthly security updates without restarts** for enrolled servers and reducin...

Microsoft extends Windows 10 ESU consumer coverage through October 2027

Security Tool/Service
H score11 First: 25.06.2026 21:29 Last: 25.06.2026 21:29 Sources 1

About this happening: **Microsoft** quietly extended the **Windows 10 Extended Security Updates (ESU)** program for **personal devices** by **one additional year**, keeping critical security update cov...

Microsoft Windows June 2026 Patch Tuesday zero-day fixes (multiple vulnerabilities)

Security Patch Release
H score40 First: 10.06.2026 12:57 Last: 10.06.2026 12:57 Sources 1

About this happening: **Microsoft**'s **June 2026 Patch Tuesday** fixed **three Windows zero-days** that could yield **SYSTEM** access or bypass **BitLocker** on vulnerable systems.

Microsoft June 2026 Patch Tuesday GreenPlasma and YellowKey fixes

Security Patch Release
H score15 First: 10.06.2026 02:11 Last: 10.06.2026 02:11 Sources 1

About this happening: **Microsoft** released **June 2026 Patch Tuesday** updates that fixed the **GreenPlasma** and **YellowKey** flaws, closing two previously disclosed issues in the Windows ecosystem...

Visual Studio Code adds two-hour delay for automatic extension updates

Security Tool/Service
H score10 First: 08.06.2026 09:08 Last: 08.06.2026 09:08 Sources 1

About this happening: **Visual Studio Code (VS Code)** will delay automatic extension updates by **two hours** starting in **VS Code 1.123**, reducing exposure to **problematic or potentially compromis...

Timeline

  1. 10.03.2026 12:35 2 articles · 4mo ago

    Microsoft announces default hotpatch security updates for managed Windows devices

    Initial Disclosure

    Microsoft will turn on hotpatch security updates by default for all eligible Windows devices managed through Microsoft Intune and the Microsoft Graph API, beginning with the May 2026 Windows security update. Windows Autopatch will deliver the updates, and Microsoft estimates the change will halve the time to reach 90% patch compliance.

    Show sources
  2. 10.03.2026 12:35 1 articles · 4mo ago

    Microsoft Intune hotpatch tenant controls go live on April 1, 2026

    Mitigation Patch Update

    Microsoft Intune tenant controls for hotpatch updates go live on April 1, 2026, letting organizations set the tenant policy to Allow or Block and scope hotpatch behavior for specific devices. Admins can use the Hotpatch quality updates report in Intune to verify that devices have installed the April 2026 baseline update and meet the prerequisites for May hotpatch updates.

    Show sources
  3. 10.03.2026 12:35 1 articles · 4mo ago

    Hotpatch readiness deadline arrives before May 11, 2026 deployment

    Mitigation Patch Update

    Microsoft gives administrators until May 11, 2026 to review device readiness and adjust settings before hotpatch updates are deployed. April 2026 is the baseline month, and Windows Autopatch will then deliver the security fixes to eligible managed Windows devices without requiring a restart.

    Show sources