Forum Discussion

JuJuBee's avatar
JuJuBee
Copper Contributor
Jul 24, 2025

Intune: Windows & MS365 Apps Updating

Pardon the noobness... I am new (ish) to MS365 Admin and Endpoint management.  I see that I can keep the OS updated and MS 365 Apps update using 2 different methods.

  1. I can use the Settings Catalog (Intune->Devices->Windows->Configuration) to update MS 365 Apps and ((Intune->Devices->Windows->Windows Updates) to update the OS.
  2. I just learned about MS AutoPatch (Intune->Tennant Administration->Windows AutoPatch) to keep both updated.

My question is which is preferred at this point?  The AutoPatch option seems a bit easier to configure maybe?

 

Looking for advice...

J

microsoft intune

2 Replies

  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    Jul 25, 2025

    Would vote Windows Autopatch:

     

    - Easier to configure and manage
    - Safer (has rollback mechanisms if updates cause trouble)
    - Continuously maintained by Microsoft with fewer manual touchpoints

  • GriJ's avatar
    GriJ
    Brass Contributor
    Jul 25, 2025

    Hi,

     

    both configurations work well.

     

    Maybe you should look at it under the point of responsibility:

    1) Update Rings and Configuration Policy: the configuration is completely done by you and you have full control.

    2) AutoPatch: You do the initial setup. The rest is done by Microsoft. Here you do not have any influence on all settings.

     

    Update Rings

    Purpose: Control how and when Windows updates are delivered to devices.

     

    Use case Configure Windows Update for Business settings like deferral periods, restart behavior, active hours.

    Granularity Per-device or per-user targeting.

    Control You set when updates install, deadlines, and user experience (e.g., allow user to pause updates).

    Examples Create multiple rings: Fast (0-day deferral), Broad (7-day deferral), and Late (30-day deferral).

     

    Autopatch:

    Purpose: A fully-managed service by Microsoft to automate Windows updates across rings (devices groups) - no manual update ring creation needed.

     

    Use case Organizations that want Microsoft to manage Windows update deployment automatically.

    Rings Microsoft automatically assigns devices into four rings: Test, First, Fast, Broad.

    Includes Windows updates, Microsoft 365 apps updates, Microsoft Edge, Teams.

    Control Less control, but less overhead. You trust Microsoft's logic and telemetry.

    Good for Mid-large enterprises, or those who want to reduce update management overhe

     

    BR

Resources