diff --git a/charts/gateway-helm/templates/_helpers.tpl b/charts/gateway-helm/templates/_helpers.tpl
index cbfcf8dd03..469e003294 100755
--- a/charts/gateway-helm/templates/_helpers.tpl
+++ b/charts/gateway-helm/templates/_helpers.tpl
@@ -176,12 +176,27 @@ provider:
 {{- end }}
   shutdownManager:
     image: {{ include "eg.image" . }}
+{{- if or (eq (include "eg.isKube135OrHigher" .) "true") (not .Values.topologyInjector.enabled) }}
+  proxyTopologyInjector:
+    disabled: true
+{{- end }}
 {{- with .Values.config.envoyGateway.extensionApis }}
 extensionApis:
   {{- toYaml . | nindent 2 }}
 {{- end }}
-{{- if not .Values.topologyInjector.enabled }}
-proxyTopologyInjector:
-  disabled: true
-{{- end }}
 {{- end }}
+
+{{/*
+Check if Kubernetes version is 1.35 or higher
+*/}}
+{{- define "eg.isKube135OrHigher" -}}
+{{- if .Capabilities.KubeVersion.GitVersion -}}
+{{- if semverCompare ">=1.35.0-0" .Capabilities.KubeVersion.GitVersion -}}
+true
+{{- else -}}
+false
+{{- end -}}
+{{- else -}}
+false
+{{- end -}}
+{{- end -}}
diff --git a/charts/gateway-helm/templates/_rbac.tpl b/charts/gateway-helm/templates/_rbac.tpl
index 70a8fb80e7..4f74b57aa1 100644
--- a/charts/gateway-helm/templates/_rbac.tpl
+++ b/charts/gateway-helm/templates/_rbac.tpl
@@ -9,7 +9,7 @@ All namespaced resources for Envoy Gateway RBAC.
 - {{ include "eg.rbac.namespaced.gateway.envoyproxy.status" . | nindent 2 | trim }}
 - {{ include "eg.rbac.namespaced.gateway.networking" . | nindent 2 | trim }}
 - {{ include "eg.rbac.namespaced.gateway.networking.status" . | nindent 2 | trim }}
-{{- if .Values.topologyInjector.enabled }}
+{{- if and .Values.topologyInjector.enabled (not (eq (include "eg.isKube135OrHigher" .) "true")) }}
 - {{ include "eg.rbac.namespaced.topologyinjector" . | nindent 2 | trim }}
 {{- end }}
 {{- end }}
diff --git a/charts/gateway-helm/templates/certgen.yaml b/charts/gateway-helm/templates/certgen.yaml
index 7f5f7dc722..a26add0d78 100644
--- a/charts/gateway-helm/templates/certgen.yaml
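Review bot: The new `eg.isKube135OrHigher` helper decides the injector question from `.Capabilities.KubeVersion.GitVersion`, which under `helm template` (including the chart snapshot tests under `test/helm/gateway-helm/`) is the Helm binary's built-in default unless `--kube-version` is given, so an offline render can disagree with what `helm install` produces against the real API server. The `or` in front of the `proxyTopologyInjector` block also means `topologyInjector.enabled: true` is silently overridden on 1.35+ with no operator escape hatch, which matters if a 1.35 cluster does not actually populate the zone label. Both facts belong in the helper's comment, e.g. `Check if Kubernetes version is 1.35 or higher. Evaluated from .Capabilities, so pass --kube-version to helm template to match the target cluster; on 1.35+ the topology injector webhook is disabled regardless of .Values.topologyInjector.enabled.`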
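Review bot: The condition `and .Values.topologyInjector.enabled (not (eq (include "eg.isKube135OrHigher" .) "true"))` introduced on the RBAC line is repeated verbatim in envoy-gateway-deployment.yaml, envoy-gateway-service.yaml and envoy-proxy-topology-injector-webhook.yaml, and in negated form in certgen.yaml and _helpers.tpl, so a later edit to one site can leave the RBAC grant, the 9443 port and the MutatingWebhookConfiguration out of step. Defining it once, e.g. `{{- define "eg.topologyInjectorEnabled" -}}{{- and .Values.topologyInjector.enabled (ne (include "eg.isKube135OrHigher" .) "true") -}}{{- end -}}` (constructed name), and testing `eq (include "eg.topologyInjectorEnabled" .) "true"` at each site keeps the least-privilege intent here, no topology-injector RBAC unless the webhook actually runs, tied to a single definition. The enclosing define starts outside the hunk.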
+++ b/charts/gateway-helm/templates/certgen.yaml
@@ -28,7 +28,7 @@ spec:
       spec:
         containers:
         {{- $args := .Values.certgen.job.args }}
-        {{- if not .Values.topologyInjector.enabled }}
+        {{- if or (not .Values.topologyInjector.enabled) (eq (include "eg.isKube135OrHigher" .) "true") }}
         {{- $args = append $args "--disable-topology-injector" }}
         {{- end }}
         {{- if $args }}
diff --git a/charts/gateway-helm/templates/envoy-gateway-deployment.yaml b/charts/gateway-helm/templates/envoy-gateway-deployment.yaml
index 9614202eb1..50059757f5 100644
--- a/charts/gateway-helm/templates/envoy-gateway-deployment.yaml
+++ b/charts/gateway-helm/templates/envoy-gateway-deployment.yaml
@@ -73,7 +73,7 @@ spec:
             - containerPort: {{ .port }}
               name: {{ .name }}
             {{- end}}
-            {{- if .Values.topologyInjector.enabled }}
+            {{- if and .Values.topologyInjector.enabled (not (eq (include "eg.isKube135OrHigher" .) "true")) }}
             - name: webhook
               containerPort: 9443
             {{- end }}
diff --git a/charts/gateway-helm/templates/envoy-gateway-service.yaml b/charts/gateway-helm/templates/envoy-gateway-service.yaml
index bc2a1a318e..6d0b41ffde 100644
--- a/charts/gateway-helm/templates/envoy-gateway-service.yaml
+++ b/charts/gateway-helm/templates/envoy-gateway-service.yaml
@@ -20,7 +20,7 @@ spec:
     {{- include "eg.selectorLabels" . | nindent 4 }}
   ports:
   {{- .Values.deployment.ports | toYaml | nindent 2 -}}
-  {{- if .Values.topologyInjector.enabled }}
+  {{- if and .Values.topologyInjector.enabled (not (eq (include "eg.isKube135OrHigher" .) "true")) }}
   - name: webhook
     port: 9443
     targetPort: 9443
diff --git a/charts/gateway-helm/templates/envoy-proxy-topology-injector-webhook.yaml b/charts/gateway-helm/templates/envoy-proxy-topology-injector-webhook.yaml
index 159c4e591c..e3fb58f34b 100644
--- a/charts/gateway-helm/templates/envoy-proxy-topology-injector-webhook.yaml
+++ b/charts/gateway-helm/templates/envoy-proxy-topology-injector-webhook.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.topologyInjector.enabled }}
+{{- if and .Values.topologyInjector.enabled (not (eq (include "eg.isKube135OrHigher" .) "true")) }}
 {{ $watchedNamespaces := list }}
 {{ $gatewayNamespaceMode := false}}
 
diff --git a/internal/infrastructure/kubernetes/proxy/resource.go b/internal/infrastructure/kubernetes/proxy/resource.go
index 96901a3ea3..dfb268a03b 100644
--- a/internal/infrastructure/kubernetes/proxy/resource.go
+++ b/internal/infrastructure/kubernetes/proxy/resource.go
@@ -136,7 +136,7 @@ func expectedProxyContainers(infra *ir.ProxyInfra,
 			ImagePullPolicy: corev1.PullIfNotPresent,
 			Command:         []string{"envoy"},
 			Args:            args,
-			Env:             expectedContainerEnv(containerSpec),
+			Env:             expectedContainerEnv(containerSpec, topologyInjectorDisabled),
 			Resources:       *containerSpec.Resources,
 			SecurityContext: expectedEnvoySecurityContext(containerSpec),
 			Ports:           ports,
@@ -198,7 +198,7 @@ func expectedProxyContainers(infra *ir.ProxyInfra,
 			ImagePullPolicy:          corev1.PullIfNotPresent,
 			Command:                  []string{"envoy-gateway"},
 			Args:                     expectedShutdownManagerArgs(shutdownConfig),
-			Env:                      expectedContainerEnv(nil),
+			Env:                      expectedContainerEnv(nil, topologyInjectorDisabled),
 			Resources:                *egv1a1.DefaultShutdownManagerContainerResourceRequirements(),
 			TerminationMessagePolicy: corev1.TerminationMessageReadFile,
 			TerminationMessagePath:   "/dev/termination-log",
@@ -424,7 +424,7 @@ func sdsConfigMapItems(gatewayNamespaceMode bool) []corev1.KeyToPath {
 }
 
 // expectedContainerEnv returns expected proxy container envs.
-func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec) []corev1.EnvVar {
+func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec, topologyInjectorDisabled bool) []corev1.EnvVar {
 	env := []corev1.EnvVar{
 		{
 			Name: envoyNsEnvVar,
@@ -449,7 +449,7 @@ func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec) []corev
 			ValueFrom: &corev1.EnvVarSource{
 				FieldRef: &corev1.ObjectFieldSelector{
 					APIVersion: "v1",
-					FieldPath:  fmt.Sprintf("metadata.annotations['%s']", corev1.LabelTopologyZone),
+					FieldPath:  expectedZoneFieldPath(topologyInjectorDisabled),
 				},
 			},
 		},
@@ -462,6 +462,19 @@ func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec) []corev
 	}
 }
 
+// expectedZoneFieldPath returns the fieldPath for the zone environment variable
+// based on whether the topology injector MutatingWebhookConfiguration is enabled or disabled.
+// - When topology injector is enabled (disabled=false): zone is in annotations
+// - When topology injector is disabled (disabled=true): zone is in labels (K8s 1.35+ PodTopologyLabels)
+func expectedZoneFieldPath(topologyInjectorDisabled bool) string {
+	if topologyInjectorDisabled {
+		// K8s 1.35+ PodTopologyLabels: zone is in pod labels
+		return fmt.Sprintf("metadata.labels['%s']", corev1.LabelTopologyZone)
+	}
+	// Topology injector webhook: zone is in pod annotations
+	return fmt.Sprintf("metadata.annotations['%s']", corev1.LabelTopologyZone)
+}
+
 // calculateMaxHeapSizeBytes calculates the maximum heap size in bytes as 80% of Envoy container memory limits.
 // In case no limits are defined '0' is returned, which means no heap size limit is set.
 func calculateMaxHeapSizeBytes(envoyResourceRequirements *corev1.ResourceRequirements) uint64 {
diff --git a/internal/infrastructure/kubernetes/proxy/resource_test.go b/internal/infrastructure/kubernetes/proxy/resource_test.go
index 4bbca074e4..e1c4898c97 100644
--- a/internal/infrastructure/kubernetes/proxy/resource_test.go
+++ b/internal/infrastructure/kubernetes/proxy/resource_test.go
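Review bot: The doc comment on `expectedZoneFieldPath` describes `topologyInjectorDisabled == true` only as the Kubernetes 1.35+ label case, but the Helm changes in this diff also set the disabled path when an operator turns the injector off on an older cluster (`topologyInjector.enabled: false`), where neither the label nor the annotation is populated and the fieldRef presumably yields an empty `ENVOY_SERVICE_ZONE`. That third state is worth naming so readers do not assume the label is always present: `// If the injector is disabled on a cluster without PodTopologyLabels, the label is absent and the env var is empty; the bootstrap template quotes the value so an empty zone remains a valid locality.` The `-449` call site inherits the same behavior; `expectedContainerEnv` starts and ends outside these hunks.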
@@ -183,3 +183,29 @@ func TestGetImageTag(t *testing.T) {
 		})
 	}
 }
+
+func TestExpectedZoneFieldPath(t *testing.T) {
+	tests := []struct {
+		name                     string
+		topologyInjectorDisabled bool
+		expectedPath             string
+	}{
+		{
+			name:                     "topology injector enabled - use annotations",
+			topologyInjectorDisabled: false,
+			expectedPath:             "metadata.annotations['topology.kubernetes.io/zone']",
+		},
+		{
+			name:                     "topology injector disabled - use labels",
+			topologyInjectorDisabled: true,
+			expectedPath:             "metadata.labels['topology.kubernetes.io/zone']",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			path := expectedZoneFieldPath(tt.topologyInjectorDisabled)
+			require.Equal(t, tt.expectedPath, path)
+		})
+	}
+}
diff --git a/internal/xds/bootstrap/bootstrap.yaml.tpl b/internal/xds/bootstrap/bootstrap.yaml.tpl
index 08e14df220..a55f1bf281 100644
--- a/internal/xds/bootstrap/bootstrap.yaml.tpl
+++ b/internal/xds/bootstrap/bootstrap.yaml.tpl
@@ -14,7 +14,11 @@ cluster_manager:
 {{- end }}
 node:
   locality:
+{{- if .TopologyInjectorDisabled }}
+    zone: "$(ENVOY_SERVICE_ZONE)"
+{{- else }}
     zone: $(ENVOY_SERVICE_ZONE)
+{{- end }}
 stats_config:
   use_all_default_tags: true
   stats_tags:
diff --git a/internal/xds/bootstrap/testdata/render/topology-injector-disabled.yaml b/internal/xds/bootstrap/testdata/render/topology-injector-disabled.yaml
index 76667aa41b..3395145e3a 100644
--- a/internal/xds/bootstrap/testdata/render/topology-injector-disabled.yaml
+++ b/internal/xds/bootstrap/testdata/render/topology-injector-disabled.yaml
@@ -10,7 +10,7 @@ admin:
       port_value: 19000
 node:
   locality:
-    zone: $(ENVOY_SERVICE_ZONE)
+    zone: "$(ENVOY_SERVICE_ZONE)"
 stats_config:
   use_all_default_tags: true
   stats_tags:
diff --git a/release-notes/current.yaml b/release-notes/current.yaml
index 42ca229a7d..7c48acee6a 100644
--- a/release-notes/current.yaml
+++ b/release-notes/current.yaml
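Review bot: `zone: "$(ENVOY_SERVICE_ZONE)"` is quoted only on the `.TopologyInjectorDisabled` branch, presumably so that an empty expansion parses as an empty string instead of a YAML null; the annotation-sourced branch can be empty as well (a pod admitted while the webhook was unavailable or skipped by its failure policy), so the same parse hazard exists there. Quoting unconditionally, `zone: "$(ENVOY_SERVICE_ZONE)"`, would remove the `if`/`else` and make the rendered bootstrap independent of which mechanism supplied the zone, at the cost of regenerating the other golden files under `internal/xds/bootstrap/testdata/render/`. If the branch is kept, a template comment stating why only one side is quoted would save the next reader the same question.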
@@ -29,12 +29,15 @@ bug fixes: |
   Fixed a nil pointer error when applying BackendTrafficPolicy to HTTPRoutes with no backendRefs.
   Fixed ExternalTrafficPolicy not being applied to Envoy Service when ServiceType is NodePort.
   Fixed CRL ref not processed by gateway controller.
+  Fixed bug where disabling proxyTopologyInjector via Helm wasn't working
 
 # Enhancements that improve performance.
 performance improvements: |
 
 # Deprecated features or APIs.
 deprecations: |
+  Disables TopologyInjector Admission Webhook for K8s v1.35+ since topology info is now automatically injected by Kubernetes directly
 
 # Other notable changes not covered by the above sections.
 Other changes: |
+
diff --git a/test/helm/gateway-helm/webhook-disabled.out.yaml b/test/helm/gateway-helm/webhook-disabled.out.yaml
index b0642aa9e8..b924a36295 100644
--- a/test/helm/gateway-helm/webhook-disabled.out.yaml
+++ b/test/helm/gateway-helm/webhook-disabled.out.yaml
@@ -36,6 +36,8 @@ data:
         default: info
       provider:
         kubernetes:
+          proxyTopologyInjector:
+            disabled: true
           rateLimitDeployment:
             container:
               image: docker.io/envoyproxy/ratelimit:master
@@ -51,8 +53,6 @@ data:
           shutdownManager:
             image: docker.io/envoyproxy/gateway-dev:latest
         type: Kubernetes
-        proxyTopologyInjector:
-          disabled: true
 ---
 # Source: gateway-helm/templates/envoy-gateway-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1