Windows security updates may be delivered with fewer reboots starting later this year

Microsoft is already testing Windows 11 24H2, the big new Windows release coming this autumn. The company has already demonstrated several new features such as 80Gbps USB 4.0 support and Sudo for Windows, and the new version could significantly update the Windows installer for the first time since Windows Vista.

Here's What We Know

Late last week, Microsoft released "service updates" without any new features for members of the Windows Preview Programme. It's fairly common for pre-evaluation program participants to receive these updates, which exist only to test the update process, but the twist here is that computers with virtualisation-based security (VBS) enabled can apply the update without rebooting.

Sources speaking to Windows Central say this is no accident. Microsoft reportedly intends to use a Windows Server feature called "hot fixes" to deliver more Windows 11 security updates without requiring a reboot, making it easier to update without taking you offline.

A reboot will still be required, but it will be once every "few months." Microsoft's documentation states that a reboot is required about once every three months, though it may be more often than that for unexpected zero-day patches and others that can't be fixed with hot fixes.

Currently, hotfixing is mainly used for virtual machines. Even though your Windows PC is running on physical hardware, enabling VBS still isolates the OS from the rest of the hardware in a similar way, ensuring that hotfixing can still work. You can check if you have VBS enabled in the System Information app or by opening Windows Security, then Device Security, then selecting Kernel Isolation and checking to see if the Memory Integrity toggle switch is on.

Source: Microsoft