A recent Windows Server Update Services (WSUS) patch was mistakenly distributed to machines configured to receive Hotpatch updates, severely disrupting the seamless patching process that allows security updates to deploy without requiring system restarts.
Microsoft has since corrected the distribution error, but organizations with affected systems now face a three-month gap in Hotpatch functionality and must follow specific remediation procedures to restore normal operations.
The problematic update was briefly made available to all Windows Server 2025 machines, regardless of their Hotpatch enrollment status.
Although Microsoft quickly identified and corrected the distribution error, a limited number of Hotpatch-enrolled devices had already downloaded and installed the incompatible update.
The company immediately restricted the update’s availability to only machines not enrolled in the Hotpatch program.
This issue exclusively affects Windows Server 2025 devices and virtual machines configured to receive Hotpatch updates.
Organizations running earlier versions of Windows Server or systems not configured for Hotpatch remain completely unaffected by this distribution error.
The incident underscores the operational complexities involved in managing multiple update channels across large enterprise environments.
Systems that successfully installed the incorrect update now face a temporary but significant interruption in their Hotpatch update cycle.
These affected machines have been effectively removed from the “Hotpatch train” and will not receive scheduled Hotpatch updates for November and December 2025.
Instead, affected systems will be offered standard monthly security updates that require full system restarts, completely negating the primary benefit of the Hotpatch program.
Microsoft has outlined a recovery timeline for impacted machines. After installing the planned baseline update scheduled for January 2026, affected systems will be automatically re-enrolled in the Hotpatch update cycle.
The next available Hotpatch update for these machines will be offered in February 2026, representing a three-month functionality gap.
For administrators whose systems have downloaded but not yet installed the problematic update, Microsoft provides a straightforward workaround.
Users should navigate to Settings, select Windows Update, and choose the option to pause updates.
After unpausing updates and scanning for new updates, the system will be offered the correct update package.
Hotpatch-enrolled machines that avoided installing the incorrect update will receive the appropriate Security Update for Windows Server Update Services, identified as KB5070893 and released on October 24, 2025.
This update must be installed on top of the October 2025 baseline update KB5066835.
Systems following this installation path will maintain their position on the Hotpatch update schedule and continue receiving Hotpatch updates throughout November and December.
Notably, only machines with WSUS enabled will be required to restart after installing the KB5070893 security update.
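For fleet triage, the installation paths described above can be turned into a check over each server's installed-update list. This is an added example, not code from Microsoft or the original article. The function name and state labels are hypothetical, it assumes the machine is already known to be a Hotpatch-enrolled Windows Server 2025 system, and because the article does not give the KB number of the incorrectly distributed update, the caller must supply it.

```powershell
# Added example: classify a Hotpatch-enrolled Windows Server 2025 machine
# from its installed KB list. KB5066835 and KB5070893 come from the article;
# the incorrect update's KB number is NOT in the article and is a parameter.
function Get-HotpatchTrainState {
    param(
        [Parameter(Mandatory)] [AllowEmptyCollection()]
        [string[]] $InstalledKb,          # e.g. (Get-HotFix).HotFixID
        [Parameter(Mandatory)]
        [string] $IncorrectUpdateKb       # take this from Microsoft's advisory
    )
    $baseline = 'KB5066835'   # October 2025 baseline update
    $correct  = 'KB5070893'   # WSUS security update for Hotpatch machines

    # Normalise so 'kb5070893 ' and 'KB5070893' compare equal.
    $installed = @($InstalledKb | ForEach-Object { $_.Trim().ToUpperInvariant() })
    $incorrect = $IncorrectUpdateKb.Trim().ToUpperInvariant()

    # Order matters: the incorrect update removes the machine from the
    # Hotpatch cycle regardless of what else is installed.
    if ($installed -contains $incorrect) {
        return 'OffTrain: restart-required monthly updates until the January 2026 baseline; next Hotpatch in February 2026'
    }
    if ($installed -notcontains $baseline) {
        return "MissingBaseline: $correct must be installed on top of $baseline"
    }
    if ($installed -contains $correct) {
        return 'OnTrain: Hotpatch schedule maintained for November and December'
    }
    return "Pending: pause and unpause Windows Update, rescan, then install $correct"
}

# Constructed sample inventories (not real hosts). 'KB0000000' is a
# placeholder for the incorrect update, whose number the article omits.
$samples = [ordered]@{
    'srv-a' = @('KB5066835', 'KB5070893')
    'srv-b' = @('KB5066835')
    'srv-c' = @('KB5066835', 'KB0000000')
    'srv-d' = @()
}
foreach ($name in $samples.Keys) {
    $state = Get-HotpatchTrainState -InstalledKb $samples[$name] -IncorrectUpdateKb 'KB0000000'
    '{0}: {1}' -f $name, $state
}

# Live use on one server, with the real KB number substituted:
# Get-HotpatchTrainState -InstalledKb (Get-HotFix).HotFixID -IncorrectUpdateKb 'KB0000000'
```

A machine that has only downloaded the incorrect package, without installing it, still reports `Pending`, which matches the pause-and-rescan workaround.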
Organizations experiencing issues or requiring additional guidance should contact Microsoft Support for specialized assistance with this patching disruption.
The post Microsoft’s WSUS Patch Disrupts Hotpatching on Windows Server 2025 appeared first on Cyber Security News.