Microsoft has released a security update, KB5084597, targeting a vulnerability in the Windows Routing and Remote Access Service (RRAS) management tool for Windows 11 versions 25H2, and 24H2. The update, published on March 13, 2026, brings systems to OS Builds 26200.7982 and 26100.7982.
KB5084597 Addresses RRAS Security Issue
According to Microsoft’s support page, the update resolves a security flaw in the RRAS management tool that could allow an attacker to disrupt the tool or execute code on a device if a user connects to a malicious remote server. The vulnerabilities addressed are tracked as CVE-2026-25172, CVE-2026-25173, and CVE-2026-26111.
This is a focused release, distinct from a standard Patch Tuesday cumulative update. Microsoft’s changelog highlights only the networking security fix, indicating the patch was specifically designed to address the RRAS vulnerability without bundling broader changes. This targeted approach reflects the increasing need for rapid security responses in a landscape of evolving cyber threats.
This Hotpatch is for Managed Devices
The KB5084597 update is not a general rollout for all Windows 11 PCs. Microsoft states that the update is offered only to devices enabled for hotpatching, and no action is required for PCs receiving standard Windows updates. The patch downloads automatically through Windows Update on eligible systems and takes effect without a reboot.
Microsoft’s hotpatch documentation explains that these updates are monthly security releases designed for installation without rebooting, aiming to improve compliance and reduce disruption. Hotpatch requires Windows Autopatch and is intended for managed devices enrolled in an appropriate quality update policy.
Hotpatch Now Available for More Windows 11 Arm64 Devices
Microsoft also announced that hotpatch is now generally available for Windows 11 25H2 and 24H2 Arm64 devices, provided they meet specific requirements. According to the KB5084597 page, Arm64 devices need Windows 11 Enterprise, Intune with hotpatch policy enabled, an eligible license, virtualization-based security enabled, and compiled hybrid PE disabled.
This makes KB5084597 particularly relevant for IT administrators in enterprise environments. For managed fleets that meet the criteria, the update demonstrates the value of Microsoft’s approach to security patching: immediate deployment, automatic installation, and avoidance of reboots that could interrupt workflows.
Microsoft Reports No Known Issues
As of March 15, 2026, Microsoft reports no known issues with the KB5084597 update. This is notable, as emergency or out-of-band Windows patches sometimes introduce deployment problems, especially when dealing with security-sensitive network components.
You can utilize the Microsoft Feedback Hub to report any issues.
