No, Microsoft Isn’t Charging for Every Server Patch — Here’s the Real Story


Article Written by Darren Pawlak

No, Microsoft is not going to charge you $1.50 for Server patches

Let’s get the important takeaway out of the way from the jump.

Over the past week or so, many stories and hyperbolically titled articles have implied that Microsoft will start charging us all for Windows Server updates/patches.

This coverage has ranged from misleading to well-intentioned, but it is likely an unintentional misunderstanding of what is actually happening. Ironically, there’s a very understandable reason why some of these conclusions have been drawn.

Let’s get into the quick history of how these misconceptions may have been born and what’s really going on here:

The Long Story Short – (what’s actually happening!?)

So first, what’s actually happening? About a week or two ago, Microsoft announced a new service (feature, really) for the newly released Server 2025 related to patching methods.

This feature allows you to “Hot Patch” (effectively, for most of the calendar year, apply usual patch Tuesday updates without the need for any kind of reboot or operations interruption at all) your on-prem servers running the latest Server operating system. The premium feature price is $1.50 USD per physical processor core.

Now, while this is a ‘new’ feature for on-prem and for Server 2025, it is not actually a ‘new’ feature per se. The ability to Hot Patch/no-reboot patch servers has existed for several years. Microsoft introduced it for the (very specific) “Windows Server Datacenter: Azure Edition” SKU, for VM workloads running that OS in Azure VMs. The ability to do this outside Azure and on non-Azure Edition SKUs is new, though.

The Long Story Long – (let’s get into the rest of the details)

As interesting as this all is, and as much as it may generate a trace of revenue for Microsoft, it does carry some caveats to be aware of. These include both strict requirements and an asterisk regarding its ‘rebootless’ nature:

  • To use Hot Patching, you must be running Windows Server 2025
  • You must have the server(s) connected to Azure Arc
  • You must have enrolled in the ‘hotpatching subscription’
  • Only 8 months of the year will have hot/no reboot patches

That last bullet is of note here. While you can use hot patching most months of the year to avoid reboots or interruptions to workloads, you must run “Baseline” patches, which require a reboot, at least every quarter or four times a year.

Microsoft’s current announced schedule for how hot patching will work is that January, April, July, and October will all be ‘baseline’ months requiring full reboots and scheduled downtime, with the months in between not requiring reboots or workload interruptions.
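For maintenance planning, the following PowerShell turns that schedule into a calendar of expected release dates and flags the months that still need a reboot window. It is an added example, not code from Microsoft or from this article's author; the function names are hypothetical, and it assumes updates arrive on Patch Tuesday (the second Tuesday of each month).

```powershell
# Added example, not Microsoft code. The baseline months come from the article;
# the Patch Tuesday (second Tuesday) release day is an assumption.
$BaselineMonths = 1, 4, 7, 10

function Get-PatchTuesday {
    param(
        [Parameter(Mandatory)][int]$Year,
        [Parameter(Mandatory)][ValidateRange(1, 12)][int]$Month
    )
    $first = [datetime]::new($Year, $Month, 1)
    # Days from the 1st to the first Tuesday (0 when the 1st is a Tuesday).
    $offset = (([int][DayOfWeek]::Tuesday - [int]$first.DayOfWeek) + 7) % 7
    # One more week gives the second Tuesday.
    $first.AddDays($offset + 7)
}

function Get-HotpatchCalendar {
    param([Parameter(Mandatory)][int]$Year)
    foreach ($month in 1..12) {
        $isBaseline = $BaselineMonths -contains $month
        [pscustomobject]@{
            ReleaseDate    = (Get-PatchTuesday -Year $Year -Month $month).ToString('yyyy-MM-dd')
            UpdateType     = if ($isBaseline) { 'Baseline' } else { 'Hotpatch' }
            RebootRequired = $isBaseline
        }
    }
}

# Full-year view (2026 is an arbitrary sample year).
$calendar = Get-HotpatchCalendar -Year 2026
$calendar | Format-Table -AutoSize

# Release dates that still need a scheduled reboot window.
$calendar | Where-Object RebootRequired | Select-Object -ExpandProperty ReleaseDate
```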

If you’d like to test out Hot Patching without an upfront charge or commitment, Microsoft is currently running a No Cost Preview from now until July (when the subscription and charges would officially start).

(References: https://www.microsoft.com/en-us/windows-server/blog/2025/04/24/tired-of-all-the-restarts-get-hotpatching-for-windows-server/ for the full announcement, and https://learn.microsoft.com/en-us/azure/azure-arc/servers/onboard-windows-server?toc=%2Fwindows-server%2Fget-started%2Ftoc.json&bc=%2Fwindows-server%2Fbreadcrumbs%2Ftoc.json for how to set up Azure Arc connections.)

Read on for further details (and Windows 11 Hot Patching?!)

So, how did we get here? – (and other interesting notes)

The reason this announcement likely caused some confusion and made waves is rooted in two ‘paid patching’ scenarios that actually do require you to pay for patches from Microsoft. These would be back when Server 2008 R2 and Server 2012/R2 went hard EOL after years of delay.

Several years ago, Microsoft created Extended Security Update licensing (ESU licenses) for the Server 2008 and 2012 families. ESUs bridged the gap when those OSes went fully EOL with no more ‘normal’ monthly updates, offering a paid path to up to 3 more years of support to ease migration to in-support versions.

In both cases, the longest you could get additional support was three years, and each year’s cost compounded on top of the last. The idea was to encourage you to migrate to an in-support version.

Then, last year, it was announced that Windows 10 (both consumer and enterprise) customers would also have the option of paying for continued updates after its hard EOL cut-off from getting monthly updates.

With all this front of mind, it is easy to see a headline and immediately worry that this is all an eventual move to PFEaaS (Pay-For-Everything-as-a-Service, not a real acronym, I hope), where all updates will now cost money. And this is why we can’t have nice things.

We’re not heading there quite yet, and hopefully won’t. Another interesting final tidbit could eventually get us there, though: Did you know that Windows 11 Enterprise-level M365 SKUs can also do hot patching?

As announced late last year, specific levels of licensing can actually do hot patching at the Client OS level too:

https://techcommunity.microsoft.com/blog/windows-itpro-blog/hotpatch-for-client-comes-to-windows-11-enterprise/4302717

The update cadence is the exact same as Server level ‘HotPatching’ (Jan, Apr, July, Oct, require reboots, the other months won’t), and it’s currently ‘free.’ (with the usual caveats)

If you’re interested in the currently free Windows 11 hot patching and you meet the following requirements, you can test it out without currently risking any additional charges or costs, unlike the server-level hot patching.

Requirements for Windows 11 Hot patching:

  • An M365 (Microsoft 365, not lower Office 365) E3, E5, A3, A5, F3, F5, or Windows 365 Enterprise subscription
  • Windows 11 clients will have to be running version 24H2 (build 26100.2033 or later)
  • An active Intune Deployment and the use of Windows Autopatch to leverage Hot patching features

Most of these requirements are likely to exist in many of our environments today and if you haven’t tried it already, Windows Autopatch can be a great ‘hands-off’ way to do simplified client patching with more control and assurance than a basic “Windows Update for Business” GPO or uncontrolled user-led updating.

I’m not seeing anything that would make this compatible with Endpoint Configuration Manager (MECM) in the equation or other Endpoint Device Managers as of yet; everything I’ve seen says this is basically an Intune and Autopatch draw.

And there you have it! The short story, the long story, and the additional related story(s). Hopefully, this helped separate the myths from the facts. If you’d like to see any future subjects covered, like Autopatch, etc., drop a comment!
