Microsoft recently launched a significant update to enhance security for Windows 11 Enterprise devices. This update is particularly important for systems that use hotpatches instead of the usual monthly cumulative updates.
The update, tagged as KB5084597, aims to correct vulnerabilities in the Windows Routing and Remote Access Service (RRAS). These flaws could potentially allow attackers to execute unauthorized code by connecting to a malicious server.
According to Microsoft’s advisory, “This issue only applies to a limited set of scenarios involving Enterprise client devices running hotpatch updates and being used for remote server management.”
This update is specifically for Windows 11 versions 25H2 and 24H2, as well as the Windows 11 Enterprise LTSC 2024 systems. Microsoft has tracked these vulnerabilities under CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111.
Microsoft highlighted that an attacker could exploit these vulnerabilities by tricking a user into sending a request to a harmful server using the RRAS Snap-in.
This update not only addresses the identified issues but also includes all improvements from the earlier March 2026 security updates. While cumulative updates typically require rebooting the device, hotpatches allow companies to patch vulnerabilities without the need for immediate reboots—a critical feature for devices used in mission-critical roles.
Hotpatch updates function by applying fixes to running processes in memory while also updating files on disk. When the device is rebooted, the updates remain in place without requiring downtime—a significant advantage for businesses that cannot afford interruptions.
Interestingly, as cybersecurity threats evolve, staying updated on security measures is crucial. Recent reports indicate a rise in sophisticated malware techniques, emphasizing the need for additional protections like in-memory patching.
This hotpatch will be automatically installed on devices that are part of the hotpatch update program managed through Windows Autopatch. Microsoft aims to ensure that all affected scenarios receive comprehensive security coverage.
For users and businesses, staying informed about these updates is essential to maintaining security in an increasingly vulnerable digital landscape. As cyber threats become more advanced, ensuring your systems are constantly updated can be your first line of defense.
