Event banner
Event details
MECM, WSUS, Intune, WuFB, Windows Updates via Group policy, TPU's, Autopatch. What direction is the Microsoft recommended target path? (For all updates including drivers) For those of us using MECM with WSUS and TPU's currently, what should we be looking to go to. It feels like WSUS on the way out. What is the 'best' option to allow us to get updates to our users whether on-prem or off but still have enough control that if there is a problem update/driver etc, we can stop that going out and also allow us to push a vulnerability patch out of band quickly. Is there a comparison of all the various options you can do with the positives and negatives?
MEMCM/WSUS: On-prem solutions that give you the most granular control available. With MEMCM you can add a Cloud Management Gateway to manage endpoints anywhere there's internet.
WUfB: An OS feature and now cloud service (WUfB Deployment Service) is an iteration of/improvement to the Windows Update GPOs of years gone by. The Windows OS team is starting to add their own business controls.
Intune: A first party management tool for WUfB.
Autopatch: A managed service built upon WUfB and bespoke Microsoft product update mechanisms (Office, Edge, ect) to deliver a set of patching configurations that lead to success.