Windows Autopatch celebrates 1 year of managed updates
Published Jul 05 2023 11:30 AM 14.5K Views
Microsoft

After an incredible year of increased security and productivity, today we recap the current capabilities of Windows Autopatch, highlight new features coming to general availability, and look ahead to more value being added to the service. Whether you're a long-time user or just learning about Autopatch, there's something for everyone below, so read on!

The first anniversary of Windows Autopatch

The idea for Windows Autopatch came from our customers. As the transition to hybrid work accelerated, managing enterprise endpoints became more complex, and as cybersecurity threats posed increasing risk, the need for applying updates in a timely fashion became more urgent. IT admins asked for help – and we at Microsoft realized we could manage much of the update process on behalf of our customers. The result: Windows Autopatch!

A still from the video explainer that launched with Windows AutopatchA still from the video explainer that launched with Windows Autopatch

Over the last year we've heard positive feedback from customers about the time and effort they save updating Windows, Microsoft 365, Microsoft Edge, and Microsoft Teams apps. When those conversations also surface ideas about how Windows Autopatch can be even more helpful, we listen.

This latest set of additional features comes directly from customer requests for customizations and flexibility to meet the needs of large enterprises while maintaining the simplicity that makes Autopatch so helpful.

New features become generally available July 25, 2023

In our May 2023 announcement, we announced the public preview of features that extend the capability of Windows Autopatch. We are excited to announce that these features will be generally available beginning July 25, 2023. Current customers will also see an announcement in the Microsoft Intune message center detailing updates to the service.

May's blog introduced the public preview of exciting new capabilitiesMay's blog introduced the public preview of exciting new capabilities

Before explaining these new capabilities, here is brief recap of Windows Autopatch.

What can Windows Autopatch do for enterprises?

Autopatch is built on the deployment service and core features of Windows Update for Business. So an IT administrator could configure many of the operations managed by Autopatch themselves. But, the value of the Windows Autopatch service extends beyond the orchestration of updates and time-saving:

  • Evaluations of updates by Microsoft
  • Critical "zero day" update expediting
  • Progressive deployment ring grouping
    • Assign enrolled devices to ring groups automatically
    • Issues that may arise affect a smaller number of devices rather than the entire estate
    • Admins can move devices where needed
    • Learn more about the default rings

Customizable, flexible new Autopatch features

Among the most-requested capabilities from customers was to be able to configure Windows Autopatch to match existing organizational needs or structures.

The resulting features allow IT admins to apply different sets of Autopatch rules to sets of devices as needed:

  • Autopatch Groups (currently in public preview, general availability on July 25, 2023)
  • Custom deployment rings (currently in public preview, general availability on July 25, 2023)
    • Up to 15 deployment rings per group
    • Azure AD device groups or individual devices can be assigned dynamically or directly to rings
    • Each ring can have a custom Scheduled or Deadline-driven deployment policy. Deadline-driven allows custom deferrals, deadlines, and grace periods. Scheduled updates can reduce restarts and minimize interruptions
    • Read more about custom deployment cadences
    • Demo the custom cadence and timing process
  • Custom policy naming (currently in public preview, general availability on July 25, 2023)
    • Conform Autopatch policy names to fit your organizational naming standards
      Note: Renaming the underlying Autopatch deployment groups is not supported.

More controls to fit your needs

The default behaviors and settings of the service are configured to meet the needs of most organizations. The introduction of custom settings allows more enterprises to take advantage of Autopatch automation while addressing their unique use cases as with these content controls:

  • Feature updates (currently in Public Preview, general availability on July 25, 2023)
  • Microsoft 365 apps opt-out
    • Enrolled devices are set by default to "Monthly Enterprise channel"
    • Opt-out allows admins to set another channel for enrolled devices
    • Devices "opted-out" are updated according to the schedule defined for that channel. See Microsoft 365 update channels for more details.
  • Opt out of "Expedited" updates
  • Drivers and firmware
    • Microsoft pre-certifies and validates drivers from many original equipment manufacturers and independent hardware vendors.
    • Automated deployment of recommended drivers
    • Autopatch creates policies aligned with deployment rings Opt-out is available so IT admins can maintain manual control using Intune driver management features.
    • Granular controls around drivers and firmware update management (coming 2023 Q4) - includes the ability to manually approve drivers on a ring-by-ring basis
    • Better reporting and new issue remediation

Customers have emphasized the importance of having visibility into all the work that Autopatch is doing on their behalf. A refresh is coming to Autopatch reporting with this July 25 GA announcement that gives more confidence to IT admins that the service is working, more help in resolving issues that may arise, and new banners and notifications help admins identify issues that require attention.

The future of Windows Autopatch

While all these features add up to a more powerful and helpful solution – and we're proud to acknowledge all the progress made in just one year – the development and enhancement of the service will continue. We are grateful to all the developers, product managers who have built this service, and to the customers who have enrolled devices and shared their experiences with our team to help it get better.

All about Windows Autopatch

If you want to share feedback, request features, or ask questions, please join our Windows Autopatch Tech Community. For those who want to learn more about the value the service has brought to other enterprises, read this report commissioned from Forrester: New Technology: The Projected Total Economic Impact™ Of Windows Autopatch Cost Savings And Business ....

 

If you want to experience Windows Autopatch before enrolling devices, we have extensive demos – including some on the newly released features discussed above  – at aka.ms/AutopatchDemo. And, finally, if you want to dive deeper, you can find all our resources in the Windows Autopatch resource guide.

 

Want to stay up to date on all things Autopatch? Subscribe to Windows Autopatch blog updates and follow us at @MSWindowsITPro on Twitter!

 

9 Comments
Co-Authors
Version history
Last update:
‎Jul 05 2023 11:28 AM
Updated by: