Microsoft says that Windows Autopatch, an enterprise service that automatically keeps Windows and Microsoft 365 software up to date, is generally available starting today.
Windows Autopatch was first announced in April when Microsoft said it would be available for free to Microsoft customers with a Windows 10/11 Enterprise E3 license or greater starting July 2022 (it reached public preview in early June).
This new service automatically manages the deployment of Windows 10 and Windows 11 quality and feature updates, as well as driver, firmware, and Microsoft 365 Apps for enterprise updates.
On enrolled tenants, Windows Autopatch moves the update orchestration from organizations to Microsoft, with the burden of planning the entire Update process (including rollout and sequencing) no longer on the IT teams.
“We are pleased to announce that this service is now generally available for customers with Windows Enterprise E3 and E5 licenses,” said Lior Bela, a Sr. Product Marketing Manager at Microsoft.
“Microsoft will continue to release updates on the second Tuesday of every month and now Autopatch helps streamline updating operations and create new opportunities for IT pros.”
Microsoft provides the following steps admins have to go through to enroll devices in Windows Autopatch (you can watch a video with more detailed instructions here):
- Find the Windows Autopatch entry in the Tenant Administration blade of the Microsoft Endpoint Manager admin center
- Select Tenant enrollment
- Select the check box to agree to the terms and conditions and select ‘Agree’
- Select ‘Enroll’
Once set up for a tenant, Windows Autopatch will automatically break up the device fleet into four groups of devices known as testing rings.
The ‘test ring’ contains a minimum number of devices, the ‘first ring’ roughly 1% of all endpoints in the corporate environment, the ‘fast ring’ around 9%, and the ‘broad ring” the rest of 90% of devices.
The updates get deployed progressively, starting with the test ring and moving on to the larger sets of devices after a validation period that allows device performance monitoring and pre-update metrics comparison.
Windows Autopatch also has built-in Halt and Rollback features that will block updates from being applied to higher test rings or automatically rolled back to help resolve update issues.
“Once you’ve enrolled devices into Autopatch, the service does most of the work,” Bela added on Monday.
“But through the Autopatch blade in Microsoft Endpoint Manager, you can fine-tune ring membership, access the service health dashboard, generate reports, and file support requests.”
Source: www.bleepingcomputer.com