Microsoft plans to release a new tool that will automate the patch management process, virtually eliminating Patch Tuesdays for many organizations.

The company's new Windows Autopatch service will keep business PCs continuously up-to-date as part of a new feature included in the Windows Enterprise E3 subscription service.

Organizations running systems with a Windows 10 or Windows 11 Enterprise E3 license will be eligible for the new patch service, which is expected to be generally available in July.

"This service will automatically keep Windows and Office software up to date on enrolled devices at no additional cost," wrote Lior Bela, senior product marketing manager at Microsoft, in a blog post. “IT administrators can save time and resources to create value. The second Tuesday of every month will be 'just another Tuesday'."

captura de pantalla de parche automático de Windows Microsoft

The Microsoft Autopatch feature requires one-click approval to work.

Patch Tuesday (more recently Update Tuesday) is a colloquial term used in the computer industry to refer to when Microsoft and others release unique fixes for your operating system and other software. Patch Tuesday is always the second Tuesday of every month.

Microsoft said it automates software updates in response to the "evolving nature of technology." For example, the pandemic has increased the demand for remote or hybrid working, making performance and security updates even more crucial as systems are more often outside an organization's firewall.

"IT administrators should feel the value immediately, as they don't have to plan for deployment and sequencing of updates, and in the long term, as the increased bandwidth frees them up to focus on value creation," he said. beautiful. “Quality updates should improve device performance and reduce support tickets. Feature updates should provide users with an optimal user experience, with increased availability and new tools for creating and collaborating.”

Windows Autopatch will be able to detect differences between endpoints and place them in four "test rings" or groups, then dynamically check them for necessary updates.

There will first be a "test ring" containing a minimum number of devices representative of all device types and configurations under management. The next ring is slightly larger and contains about 1% of all managed devices. A third "fast" ring contains approximately 9% of the devices, and the remaining 90% of the devices will be assigned to a "wide" ring. The percentages do not change when devices are added or removed from the service network.

The purpose of the four rings is to ensure that there are no software issues associated with firmware or software updates. As each group passes testing, updates are installed until all devices in an organization are patched.

Windows Autopatch will manage all aspects of device group deployments for Windows 10 and Windows 11 feature and quality updates, drivers, firmware, and Microsoft 365 Apps for enterprise updates, Bella said.

From an endpoint management perspective, the primary prerequisite for Autopatch is Intune or co-management. The service has a built-in readiness assessment tool that will check the relevant settings in Intune, Azure Active Directory, and Microsoft 365 Apps for enterprise to see if they are configured to work with Autopatch.

The online tool checks all of an organization's settings in Microsoft Endpoint Manager, specifically Microsoft Intune, Azure Active Director, and Microsoft 365, to make sure they work with the Autopatch service. If any settings are listed as "not ready," the service has one-click instructions on how to fix the issues, Microsoft said.

"After you provide your consent, Microsoft automatically performs all other steps for you and will manage the creation of the correct policies and groups so that updates are ready to deploy," said Mark Florida, product manager for Principal Engineering at Microsoft in a video. presentation. “Speaking of saving time. Imagine doing all the policy configuration and group definitions yourself. »

Copyright © 2022 IDG Communications, Inc.

Share This