June 2026 Windows security update requires restart for hotpatch-enabled devices

🚨 The Signal: A critical vulnerability (CVE-2026-45585) forces the June 2026 Windows security update to be a standard patch, requiring a restart for hotpatch-enabled devices. This prioritizes immediate security over hotpatch's no-restart benefit.

The Impact

Devices using Windows hotpatch will require a restart for the June 2026 security update, mitigating a publicly disclosed vulnerability.

• Hotpatch users: Devices will restart for the June 2026 update, ensuring critical vulnerability patching.
• Security teams: Confirmed patching of a critical vulnerability, reducing attack surface.
• IT operations: Manage expected restarts for hotpatch-enabled devices in June 2026.

The Action

1. Review Windows release health site for hotpatch update calendars for Windows 11 and Windows Servers.
2. Communicate expected device restarts to users of hotpatch-enabled devices for the June 2026 update.

Domain: Intune · Impact: medium · Workload: Intune · Essential Eight: Patch Operating Systems · ISM: ISM-1407, ISM-1501, ISM-1621, ISM-1622, ISM-1623, ISM-1654, ISM-1655, ISM-1694, ISM-1695, ISM-1696, ISM-1701, ISM-1702, ISM-1877, ISM-1889, ISM-1902