AMA: Windows Autopatch
Event details
Find out how Windows Autopatch is evolving to make Windows and Microsoft 365 update management more secure and more capable. Members of the marketing, product, and customer acceleration engineering teams will be explaining the upcoming enhancements and looking for comments, questions, and feedback.
This session is part of the Microsoft Technical Takeoff: Windows + Intune. Add it to your calendar, RSVP for event reminders, and post your questions and comments below! This session will also be recorded and available on demand shortly after conclusion of the live event.
74 Comments
- PaulKlerkx Iron Contributor
MECM, WSUS, Intune, WUfB, Windows Updates via Group Policy, TPUs, Autopatch. What direction is the Microsoft recommended target path? (For all updates including drivers.) For those of us using MECM with WSUS and TPUs currently, what should we be looking to go to? It feels like WSUS is on the way out. What is the 'best' option to allow us to get updates to our users whether on-prem or off but still have enough control that if there is a problem update/driver etc., we can stop that going out and also allow us to push a vulnerability patch out of band quickly? Is there a comparison of all the various options you can do with the positives and negatives?
- bdam55 Iron Contributor
MEMCM/WSUS: On-prem solutions that give you the most granular control available. With MEMCM you can add a Cloud Management Gateway to manage endpoints anywhere there's internet. WUfB: An OS feature and now cloud service (WUfB Deployment Service) that is an iteration of/improvement to the Windows Update GPOs of years gone by. The Windows OS team is starting to add their own business controls. Intune: A first-party management tool for WUfB. Autopatch: A managed service built upon WUfB and bespoke Microsoft product update mechanisms (Office, Edge, etc.) to deliver a set of patching configurations that lead to success.
- SoupAtMSFT Former Employee
There's a continuum of capabilities in the technologies identified above. If you're looking to move to a more managed/modern approach, then Autopatch may work for you and your org. If you require elevated functionality or desire more fine-grained control, then WUfB may be more appropriate. Many customers have shared that they just don't want to be (as active) in the patch and update business and want to reduce their hardware server infrastructure related to device management. Autopatch is a great service and technology to consider in that case. We continue to listen to customers for where Autopatch and/or Microsoft Managed Desktop can be improved or expanded. We have a roadmap for enhancements and improvements - so stay tuned.
- David Stowers Brass Contributor
I have used the expedited OOB updates in my org during PrintNightmare and it worked beautifully. I have had a considerably smoother experience with WUfB and Intune for keeping things moving smoothly than I ever did with WSUS, primarily because it simplifies the experience and works independently of on-prem resources. We are lean on personnel so anything to make for lighter touch is beneficial. You can also pause and roll back quality updates. I usually just recommend a few days' delay before a patch goes out so it's not bleeding edge anyway. The biggest drawback would be you cannot control individual patches, but on the workstation endpoints that's usually not as critical as the server side anyway.