– Feb 26, 2024 6:03 pm UTC
Microsoft is already testing Windows 11 24H2, this fall’s big new Windows release. The company has already demonstrated a few new features, like 80Gbps USB4 support and Sudo for Windows, and the new version could also give a significant refresh to the Windows installer for the first time since the Windows Vista days.
But there’s one big update you might not notice at all. Late last week, Microsoft released “servicing updates” with no new features to Windows Insiders in the Dev and Canary channels. The updates were “designed to test [Microsoft’s] servicing pipeline for Windows 11.” It’s pretty common for Insiders to get these kinds of updates-that-exist-only-to-test-the-update-process, but the twist here is that PCs with Virtualization Based Security (VBS) enabled could apply the update without rebooting.
Sources speaking to Windows Central say this isn’t a fluke—Microsoft reportedly intends to use a Windows Server feature called hotpatching to deliver more Windows 11 security updates without requiring a reboot, making it easier to stay up to date without disrupting whatever you’re doing. You’ll still need to reboot “every few months”—Microsoft’s documentation says a reboot is needed roughly once every three months, though it can happen more often than that for unanticipated zero-day patches and others that can’t be fixed via hotpatching. The Arm versions of Windows 11 also won’t get the feature for another year or so, according to Windows Central.
Despite the significant reduction in mandatory reboots, it inevitably causes some disturbance to your regular schedule as you wait for updates to install. It can also be frustrating to find all your apps closed after an unexpected system restart in the morning.
As of now, hotpatching is primarily used in virtual machines. According to Microsoft, hotpatching works by “modifying the in-memory code of active processes without having to restart them,” and leaves your apps unaffected. Even if your system is operating on physical hardware, having Virtualization Based Security (VBS) enabled can isolate the OS from the rest of the components, which allows for smooth hotpatching.
Any Windows 11 device that satisfies the OS installation prerequisites should have VBS enabled by default. It’s possible to verify this using the System Information app or navigate to ‘Windows Security,’ then to ‘Device Security,’ and finally to ‘Core Isolation’ to check if the ‘Memory Integrity’ toggle is switched on.
In most cases, having this feature enabled doesn’t result in any drawbacks. Nevertheless, several tests by Tom’s Hardware and others suggest a slight effect on gaming performance. The descent is usually in the low to mid single-digits, depending on the game and configurations. This led to a common practice among PC gamers to turn off VBS. However, disabling VBS will still fetch all of Microsoft’s security updates; the trade-off is the necessity to restart your PC at least monthly to facilitate these updates.
Hudson Valley Host is premier provider of cutting-edge hosting solutions, specializing in delivering a seamless online experience for businesses and individuals. We offer a comprehensive range of hosting services, including Shared Hosting, VPS, Dedicated Servers, and Colocation. With 24/7 technical support, robust security measures, and user-friendly control panels, we empower clients in managing their online presence effortlessly. Hudson Valley Host is your trusted partner in achieving online success.
For Inquiries or to receive a personalized quote, please reach out to us through our contact form here or email us at sales@hudsonvalleyhost.com.
