Per Microsoft, starting June 23, 2025, the Microsoft Hotpatch feature setting will be enabled by default in Quality Update policies. The update applies to devices that meet the prerequisites for Hotpatch. With Hotpatch, updates are applied to machines without requiring a device reboot. However, what is Rapid7 doing regarding this change? It appears that when updates are applied using Hotpatch to mitigate a vulnerability, Rapid7 InsightVM does not pick up that information, and it still reports the vulnerabilities unless the machine is rebooted.
2 Likes
Hi @rmoses
We are aware of the Microsoft Hotpatch feature, are committed to working to deliver this soon, and have it on our Q3 roadmap.
I currently do not have an ETA for delivery, as this will depend on the complexity of supporting both Hotpatches and standard patches in an accurate way without introducing accuracy issues in either deployment method.
This is one of the top priorities for our Microsoft Coverage team.
4 Likes