Microsoft will begin charging $1.50 per core, per month for its hot patching feature on Windows Server 2025 Standard and Datacenter editions running on-premises, starting July 1, 2025. The capability, which lets administrators install security updates without rebooting servers, had been available as a free preview and is still included at no extra cost on Azure virtual machines. The move means IT teams that manage their own hardware must now decide whether the promise of zero-downtime patches is worth a recurring operational expense.
The Paywall Drops in July
Hot patching for on-premises Windows Server 2025 was originally offered as a preview, and many in the community expected Microsoft to fold it into the standard license like it does in Azure. Instead, the company is converting it into a paid subscription. As first reported by Techzine, the pricing is set at $1.50 per core per month, with customers eligible for eight hot patches per year. The subscription does not eliminate traditional reboot-required updates entirely; Microsoft says certain critical fixes will still need a full restart. But it substantially reduces the frequency of disruptive maintenance.
Organizations still on the preview must actively opt out before June 30, 2025; otherwise, they’ll be automatically enrolled in the paid service. For a modest 16-core server, that’s an extra $288 per year. A rack of ten such servers pushes the annual bill to $2,880—enough to catch the attention of budget-conscious operations.
What This Means for IT Operations
If you run Windows Server 2025 in your own data center, the new fee splits your patching strategy into two tiers: hot-patched servers that stay up through most updates, and traditionally patched servers that require reboot windows. For latency-sensitive applications, financial trading systems, healthcare databases, or any workload where every minute of uptime counts, the cost might be a no-brainer. For batch-processing systems or less critical roles, the extra charge may be hard to justify.
Small and medium-sized businesses often run fewer servers but tighter margins. A small shop with two servers might stomach the added $576 per year, but the principle grates: security features, many argue, should not be gated behind an upsell. Larger enterprises with thousands of cores will see the line item add up fast, and they’ll need to weigh whether moving those workloads to Azure—where hot patching is included—finally makes financial sense.
The patch cadence matters, too. With only eight hot patches annually, administrators still need to plan for the occasional reboot. That means maintenance windows don’t disappear; they just become rarer. Your change management process will need to track which updates are hot-patchable and which aren’t, adding a layer of patch triage.
How We Got Here: Azure First, On-Premises Later
Microsoft introduced hot patching for Windows Server Azure Edition and Windows Server 2022 running in Azure back in 2022. It was marketed as a key reason to move server workloads to the cloud. For on-premises deployments, the feature remained absent until the Windows Server 2025 preview, which finally brought it to local hardware. The preview led many administrators to assume that hot patching would be a permanent, no-cost component of the operating system, much like it is in the Linux world, where live patching is often built into enterprise subscriptions or available free for limited use.
Instead, Microsoft is treating it as a premium add-on that follows the Azure logic: cloud customers get it baked in; on-premises users pay extra. This mirrors earlier decisions, such as placing detailed audit logging behind higher-tier licenses. The company frames it as offering choice, but it effectively creates a two-tier security posture depending on budget.
What You Should Do Right Now
-
Audit your on-premises server fleet. Identify every instance of Windows Server 2025 Standard or Datacenter that is currently using the hot patching preview. Count the total number of physical cores assigned to those systems.
-
Calculate the annual cost. Multiply total cores by $1.50 then by 12. Factor in any expected growth or consolidation. Compare this against the cost of downtime per incident in your organization.
-
Evaluate your patching risk. If you forgo hot patching, quantify how long your systems typically remain unpatched after Patch Tuesday. In ransomware-heavy environments, every hour counts. If you can patch within a day through conventional means, the value of hot patching diminishes.
-
Consider Azure migration for eligible servers. For servers that can move to the cloud, running them as Azure VMs would include hot patching at no additional license cost. But weigh data egress fees, latency, and compliance requirements.
-
Set a calendar reminder for June 15, 2025. Microsoft will auto-enroll preview users into the paid tier on July 1. You must manually opt out if you don’t want to pay. The exact opt-out method hasn’t been detailed yet, so keep an eye on your Azure Arc or Windows Admin Center console.
-
Join the conversation. Microsoft has reversed course on licensing before, as with the Windows Server 2012 R2 termination support fee adjustments. Feedback from large customers and the community can influence future packaging. If you feel strongly, use your Enterprise Agreement contacts or the Windows Server feedback channels to voice concerns.
Outlook: A Pivot Point for Server Patching
The hot patching fee is unlikely to disappear overnight, but its reception will test how far Microsoft can push feature segmentation. Linux distributions like Ubuntu and Red Hat are making live patching increasingly accessible, often bundling it with a standard support contract. If Windows Server admins see the paid hot patching as unwarranted, they may prompt Microsoft to reconsider—perhaps bundling it for critical security patches only or offering a lower-cost annual cap for small deployments.
For now, the message is clear: zero-downtime updates on your own servers come with a monthly bill. Whether that bill is a bargain or a burden depends on how many cores you manage and how much you value uninterrupted uptime.