I have been pleading with MS engineers and managers for a guide on how we're supposed to deliver patch management as an MSP these days, considering how MS has completely ruined a previously good thing. I haven't found one support engineer or IT-savvy person who likes the new patch model, and this is on the heels of just a few months ago when I was discussing with clients how I haven't seen a bad, rogue update since Windows 98. Now it's a monthly occurrence. I do appreciate the article, but in reading between the lines, it's obvious that MS doesn't yet know how to answer that question.

If no one has noticed, any computer that's on 1803 UBR=48 will not recognize the fact that MS released another Cumulative Update later in May (UBR=81). All systems think they are up to date unless you MANUALLY hit the "check for updates" button, at which time it will download the latest update and elevate you to UBR=81. Why? Why doesn't the auto-check recognize the CU is available? And that's just one issue. I could write a book on what I've been going through since October of last year. It's more than enough to start advising customers to move to Macs and Linux systems, surely.

I just don't understand why we're going backwards as far as stable technology, and MS is breaking systems left and right with the new patch model, not to mention trust and relationships with MSPs and their customers. We all provide patch management with various RMM and MS tools, but now we can't. Please... just recognize this was a bad decision and roll back to how patching used to work. We'd all be better off and you would not have to write apologetic articles such as this, which this obviously is if you really read the message. You have folks jumping off the MS bandwagon daily; I'm sure you're aware. One question: if the local systems don't know there's an update available, how is Intune or WSUS supposed to work? ...Exactly!