What and why:
The June 2026 Windows security update will be released as a [standard update] instead of a [hotpatch update]. As a result, hotpatch-enabled devices will require a restart to complete installation.
This change prioritizes security following public disclosure of a vulnerability outside coordinated disclosure best practices (CVE-2026-45585).
Rollout schedule:
- June 2026: Standard update with restart required for hotpatch-enabled devices.
- July 2026: Planned baseline update month with restart required.
- August 2026: Next hotpatch update expected.
Impact on your organization:
- Hotpatch-enabled devices will require a restart to complete installation of the June 2026 security update.
- Hotpatch-enabled devices will remain enrolled in hotpatch updates.
- No change for devices not using hotpatch updates (standard updates already require restart).
Action required / recommendations: No additional configuration is required to stay enrolled in hotpatch updates.
Compliance considerations:
- No compliance action is required.
- Update installation and restart behavior will be reflected in update history and compliance reports as usual.
Additional information:
You can track the hotpatch update calendars on the Windows release health site for both Windows 11 and Windows Servers.