cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcing the Windows Update for Business deployment service
By
David_Mebane
Published Mar 02 2021 08:01 AM 59K Views
David_Mebane
Microsoft
‎Mar 02 2021 08:01 AM

Announcing the Windows Update for Business deployment service

‎Mar 02 2021 08:01 AM

Update May 10, 2021: On April 28, 2021, we announced the public preview of Microsoft Graph APIs to manage Windows updates. Read the announcement and learn more here: Public preview of Microsoft Graph APIs to manage Windows updates.

Today, we are excited to announce the Windows Update for Business deployment service. This new service empowers IT professionals to meet the business goals of their organizations and requirements of their end users no matter where a device resides on the planet—be it in the office, at home, or on the road.

Over the past year, organizations have rapidly shifted to remote work strategies, emphasizing and leveraging cloud services more than ever before. We have evolved our approach to Windows as a service since the release of Windows 10. We added more controls, and developed frameworks to help you successfully transition to a cloud servicing cadence.

Microsoft AI powers update decisions for more than a billion devices worldwide, and we are committed to making the same controls and technology available to every device manager. The deployment service is designed as an enterprise-grade solution on top of this servicing platform.

These technologies represent an exciting next step in the evolution of Windows as a service.

A closer look at the Windows Update for Business deployment service

The deployment service is a new cloud service within the Windows Update for Business product family. It provides control over the approval, scheduling, monitoring, and safeguarding of content delivered from Windows Update, and is designed to work in harmony with your existing Windows Update for Business policies.

We have designed deployment service with your feedback in mind.

  • IT is in control. Approve and schedule any Windows content delivered from Windows Update, including feature updates, quality updates, drivers, and firmware. As the IT professional responsible for your organization, if you have not approved the content, it won’t deploy.
  • Easy to adopt. The deployment service is integrated with Microsoft Endpoint Manager, either through cloud-only controls or co-management so you can adopt content and features at your own pace. No need to “lift and shift” your organization at one time.
  • Responsive to change. Delivering innovation through cloud services makes it easy for you to adopt. Capabilities are common across OS releases and you no longer need to install an update to access new update controls.
  • Compliant and privacy-focused. ISO 27001, FedRAMP High, HiTRUST, and SOC II certified.

The deployment service significantly extends the management plane available to devices connecting to Windows Update. It will enable you to:

  • Schedule update deployments to begin on a specific date (ex: deploy 20H2 to these devices on March 14, 2021)
  • Stage deployments over a period of days or weeks using rich expressions (ex: deploy 20H2 to 500 devices per day, beginning on March 14, 2021)
  • Bypass pre-configured Windows Update for Business policies to immediately deploy a security update across your organization when emergencies arise
  • Ensure coverage of hardware and software in your organization through deployments that are tailored to your unique device population through automatic piloting
  • Leverage Microsoft ML to automatically identify and pause deployments to devices which are likely to be impacted by a safeguard hold
  • Manage driver and firmware updates just like feature updates and quality updates

Availability

Our Preview release of the deployment service will be available to all Windows Enterprise customers in the first half of 2021. These capabilities will be made available through new Microsoft Graph APIs and the associated PowerShell SDK. An extension to Update Compliance will provide reporting and monitoring support for the deployment service.

For customers who are looking for an integrated solution, we are delivering these capabilities through Microsoft Endpoint Manager as well. We started with the Windows 10 feature updates public preview, and we have been encouraged by the strong adoption from customers of all sizes and industries across the globe. New organizational and operational reporting capabilities are also available, with more update management capabilities coming in future releases.

For all enterprise customers, deployment service capabilities are available to Azure AD joined and Hybrid Azure AD joined devices that are covered by a Microsoft 365 or Windows 10 E3 user license. Intune support requires either a Microsoft 365 E3 license, or both Windows and EMS E3 licenses.

Next steps

We are excited to see how you and your partnering application developers will use the deployment service and broader Windows Update for Business product family to simplify update management and deliver better results for your organization and users.

For more details on the scenarios and capabilities coming to you through the deployment service, we've included the following video:

 

 

8 Comments
Deleted
Not applicable
‎Mar 03 2021 01:31 PM
‎Mar 03 2021 01:31 PM

How did we survive without it so far? :)

 

Awesome stuff!!!

 

Happy Azure Stacking!!!

Jbasuroy369
Copper Contributor
‎Mar 04 2021 03:12 AM
‎Mar 04 2021 03:12 AM

This is really an awesome development! 

:)

Petr Vlk
MVP
‎Mar 23 2021 07:56 AM
‎Mar 23 2021 07:56 AM

Can we add CSP to automatically turn on Smart Active Hours for users?

Windowsnoob
Copper Contributor
‎Apr 16 2021 12:24 AM
‎Apr 16 2021 12:24 AM

Do both MDM and GPO based policies work side by side for a Hybrid AAD joined , Co-managed and enrolled devices? 

0 Likes
Like
StefanoCleri
Copper Contributor
‎Apr 16 2021 12:42 AM
‎Apr 16 2021 12:42 AM

This is interesting, but I have two questions:

- what about using "Windows 10 update phases" (sorry if this is not the correct name in english, I couldn't find the correct translation for my localization) instead of the proposed "Windows 10 feature updates (preview)"? What are the differences in these Intune tools?

- you propose the integration of Intune tools with GPOs, isn't still possible to manage Windows and Microsoft updates only by using Intune?

Thank you!

0 Likes
Like
Jeremy Bradshaw
Steel Contributor
‎Apr 18 2021 04:54 AM
‎Apr 18 2021 04:54 AM

Is it just me or does Windows Updates for Business in general seem like nothing but things that all already existed and are being talked about together as the "WUfB family of products"?

 

It seems like it is just when you configure the updates to come from the CDN, and you control the settings centrally, you've deployed WUfB.  I get there are advancements, but I don't see an actual product here (ever yet with WUfB).  Now there is this big advancement, but still, nothing new except more centralized options to control the updates./settings.

Karl_Wester-Ebbinghaus
MVP
‎May 23 2021 11:26 AM
‎May 23 2021 11:26 AM

@David_Mebane thanks for your article and demo! Are there plans to merge Azure Update Management and WuFB? Currently small businesses need to have check and maintain 2 different things for doing the same things, monitoring their update compliance?

0 Likes
Like
SimBur999
Copper Contributor
‎Mar 14 2024 11:44 PM
‎Mar 14 2024 11:44 PM

An old post I know but made me laugh because the "Business" line of licensing is targeted at small to medium business up to 300 users... here's the release of Windows Update for Business deployment service which "will be available to all Windows Enterprise customers in the first half of 2021". LOL... MS - the kings of confusing the heck out of partners and customers alike since 1975.  This would have ripped someone's nightie in the marketing dept I reckon!

0 Likes
Like
Co-Authors
Version history
Last update:
‎May 10 2021 09:13 AM
Updated by: