What is a Microsoft hotfix?

Hotfixes can solve an array of problems in your enterprise, but they have certain limitations and need to be managed properly.

Microsoft releases software updates in three ways: service packs, Windows updates and hotfixes.

  • Windows updates are familiar even to consumers. Typically, they are security fixes that have been tested. It's generally safe to install updates, but in production environments, it doesn't hurt to first test them in a test lab.
  • Service packs are collections of fixes for specific products. Microsoft has tested these fixes thoroughly, and each service pack is released through Windows Update in a standalone package.
  • Hotfixes -- the trickiest of the three-- are solutions to bugs discovered by Microsoft's development and testing process or through support cases logged with Microsoft. They are minimally tested, and there is no guarantee that they will work, although Microsoft does attempt to repair failed hotfixes.

You need to understand hotfixes to properly apply out-of-band updates that fix bugs in software components while also maintaining server stability.

Microsoft releases a hotfix rollup when there are a several fixes for a component such as the Volume Shadow Copy Service (VSS). These rollups are more thoroughly tested than individual hotfixes but not to the same extent as service packs. When dealing with problems relating to a particular component, rollups can be a good solution. If you need to find rollups for a component, search on the word "rollup" and the component name or a description of the problem. Code distribution paths

To keep all this development straight, Microsoft has two code paths: General distribution release (GDR) and limited distribution release (LDR).

Recent desktop security tips and articles

Microsoft releases 11 patches for Windows, Exchange and Office

Weighing Windows Firewall for enterprise desktop protection 

Securing removable drives with BitLocker To Go

Updates and service packs follow the GDR path, while hotfixes follow the LDR path. When you install a hotfix, it's a version not known to the GDR path. To prevent components from going backwards in the version, Microsoft releases both LDR and GDR components in the updates, which are smart enough to know which one you have and keep you on that path.

For example, say you installed a hotfix of volsnap.sys, a component used in creating volume snapshots. In this knowledge base, there are components for x86, x64 and IA64 platforms, and there are three x64 components:

For all supported x64-based versions of Windows Server 2003 SP2

File name File version File size Date Time Platform SP requirement Service branch
Volsnap.sys 5.2.3790.4650 317,440 15-Jan-2010 15:57 x64 SP2 Not Applicable
W03a3409.dll 5.2.3790.4590 44,032 15-Jan-2010 15:57 x64 SP2 Not Applicable
Ww03a3409.dll 5.2.3790.4590 43,520 15-Jan-2010 15:57 x86 SP2 WOW

Before installing any hotfix, check out the file version, release date, and required operating system and service pack. Make sure that the version of the component on your system is older than the one in the hotfix. If you have a newer version, then another hotfix has been applied.

Now, suppose you installed this hotfix on your server, and then a Windows update is installed with volsnap.sys. Since installation of the hotfix branched down to the LDR path, when updates come, this server will get them from the LDR path -- not the GDR path.

For example, let's say Service Pack 3 was released for Windows 2003. The fixes in the service pack have been tested, and this pack contains all the fixes in the LDR path. Once the service pack is applied, the machine returns to the GDR path moving toward the next Windows version. Updating to the next Windows version often requires installing the latest service pack for the existing OS.

Managing hotfixes
Administrators often look for a hotfix when they encounter a problem with their systems. While this is not a bad idea, remember the warning on every hotfix:

This hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

Hotfixes are very specific, so while it may not hurt to apply them, unless your problem matches the knowledge base description, they probably won't help the situation.

Before installing a hotfix, test it in your lab and have the installation go through the normal change management process. In other words, treat a hotfix like a component that hasn't been thoroughly tested. Ultimately, it will end up in the next service pack or the next Windows version. In addition, a newer version of a hotfix contains the fixes from the older version. This makes it difficult to pinpoint what the older versions fixed. Therefore, on main components like NTFS.sys, it's good to update with the newest hotfix if you are having problems that you have isolated sufficiently to suspect these components. The table here lists the primary components related to Microsoft clusters:

Driver name Latest available version
StorPort.sys 5.2:3790.4485 -- MS HotFix 957910
Disk.sys 5.2.3790.4006 -- MS HotFix 929161
ClusDisk.sys 5.2.3790.4367 -- MS HotFix 957419
NTFS.sys 5.2.3790.4563 -- MS HotFix 974127
FtDisk.sys 5.2.3790.4476 -- MS HotFix 968502
VolSnap.sys 5.2.3790.4650 -- MS HotFix 979457

While just installing most of these components to a healthy cluster is not a good idea, they should be updated if failures -- especially disk errors -- are being logged on your system.

The exception is storage drivers, including Microsoft's Storport.sys miniport driver, and the MPIO (Multipath I/O), DSM (device specific module) and HBA (host bus adapter) drivers. The drivers have to align with the supported versions of one another (not necessarily the newest ones) and storage vendors and Microsoft are continually releasing new products. If you do not pay attention to the drivers, it's easy to end up in an unsupported configuration. Your storage vendor will be able to tell you which versions you should have.

The most frustrating thing about keeping the storage drivers updated may be the treasure hunt that's required to find the latest Storport.sys driver. Microsoft releases it to solve specific problems, but like any other hotfix, old fixes are rolled into newer ones. While you may not have the problem the newest version is released for, you always want the latest version, and finding it isn't easy. Searching Google for Storport.sys is a good start -- then look at the knowledge bases to find the newest one. Again, make sure your current storage components support the latest version of Storport.

Hotfixes are important to resolving problems and maintaining stability in your servers, but be aware of the consequences, and manage them appropriately.

Gary Olsen is a systems software engineer in Global Solutions Engineering at Hewlett-Packard. He authored Windows 2000: Active Directory Design and Deployment and co-authored Windows Server 2003 on HP ProLiant Servers. Olsen is a Microsoft MVP for Directory Services and formerly for Windows File Systems.

Dig Deeper on Windows OS and management

Virtual Desktop