Latest news with #MicrosoftIntune
Forbes
28-04-2025
- Forbes
Microsoft Confirms $1.50 Windows Security Update Fee Starts July 1
Would you pay for no-reboot Windows security updates? When it comes to security updates, those that fix vulnerabilities in an operating system used by billions are high on the mandatory agenda. Which is why it has not been the greatest month for Microsoft. What with the online furore after a recent Windows security patch added a mysterious folder, without any explanation, and social media 'experts' advised users to delete it, only for Microsoft to issue an advisory warning that would leave them open to attack. That update, and the installation of the inetpub folder, has now been shown to actually open the path to a different Windows hack attack. Now the whole Windows security update business has another contentious issue to deal with: charging a monthly subscription to receive no-reboot security 'hotpatch' updates. As I reported April 14, Microsoft is moving toward a time whereby a hotpatching function would negate the need to reboot your Windows system following a security update. The no-reboot security fixes would download and install in the background, deployed within the in-memory code of already running processes. That report was concerning the feature coming to users of a very specific version of Windows 11: Windows 11 Enterprise, version 24H2 for x64 (AMD/Intel) CPU device users running Microsoft Intune for deployment. Now, Janine Patrick, Windows Server product marketing manager, and Artem Pronichkin, a senior program manager at Microsoft, have confirmed that the hotpatch system for Windows Server 2025, which has been available in preview mode since 2024, will become a subscription-only service from July 1. To be able to run the no-reboot hotpatch security updates feature, Microsoft said that you will need to be using 'Windows Server 2025 Standard or Datacenter, and your server must be connected to Azure Arc.' The important and controversial bit quickly followed: 'You will also need to subscribe to the Hotpatch service.' Although hotpatching has been available for the longest time for Windows Server Datacenter: Azure Edition, and will continue without charge, these security updates for Windows Server 2025 users will cost $1.50 USD per CPU core per month. 'With hotpatching,' Microsoft said, 'you will still need to restart your Windows Servers about four times yearly for baseline updates, but hotpatching can save significant time and ease the inconvenience of a traditional Patch Tuesday.'
Forbes
14-04-2025
- Forbes
No Reboot Security Updates Come To Windows 11 — But There's A Catch
Security hotpatching comes to Windows 11 Enterprise. Windows updates, especially Windows security updates, are an essential yet often annoying consequence of using Microsoft's operating system. Without them, you would be unable to stay on top of the threat from newly discovered vulnerabilities, for example. However, when one of these updates installs a mysterious new folder, without proper explanation, and sets off a whole new social media privacy conspiracy, the annoying side comes to the fore. It's not as annoying, though, as having to wait for your device to go through the reboot cycle that installing Windows security updates brings to the party. Microsoft has taken note and introduced a new 'hotpatching' function to Windows 11 that enables security updates to download and install in the background, deploying them within running process in-memory code, and without any rebooting required. If you are using the correct version of Windows 11, that is. And there, dear reader, comes the catch. The really good news is that in confirming the arrival of the new security update hotpatching process, Microsoft said that it means 'users can continue their work without interruptions while hotpatch updates are installed,' with no restarts required for the remainder of that quarter. All of which while taking effect immediately to provide 'rapid protection against vulnerabilities.' If you could see me, you would notice me standing up and cheering at this point. You might also spot that I have sat straight back down again with a glum expression. That's because the April 2 Microsoft announcement quickly poured water on the excitement by adding that the feature is only available to Windows 11 Enterprise, version 24H2 for x64 (AMD/Intel) CPU device users. Oh, and they will need Microsoft Intune for deployment as well. Don't get me wrong, this is great news for organizations that meet the requirements. As David Callaghan, who authored the announcement, said: 'With hotpatch updates, you can quickly take measures to help protect your organization from cyberattacks, while minimizing user disruptions.' But it does leave the rest of us wondering when we will get the same treatment. There is one glimmer of hope for Windows 11 users, and that comes in the form of the 0patch micro-patching service, which uses a patching agent to apply fixes in memory without disturbing the individual Windows process concerned. This a subscription-based service, although it releases zero-day micro patches for free to bridge the gap between them becoming known and Microsoft fixing them officially. Maybe Microsoft should buy 0patch and then roll it out to everyone.
