Microsoft’s Autopatch feature improves the patch management process

Pierluigi Paganini April 11, 2022

Microsoft announced a feature called Autopatch that will allow organizations to keep their systems up-to-date starting with Windows Enterprise E3 (July 2022).

Microsoft recently announced the implementation of a new feature called Autopatch starting with Windows Enterprise E3 in July 2022 that aims at keeping their systems up-to-date. The move aims at improving the patch management process in enterprises that could be exposed to cyber-attacks in case they fail into installing the available patch and upgrades.

“This service will keep Windows and Office software on enrolled endpoints up-to-date automatically, at no additional cost,” explained Lior Bela, senior product marketing manager at Microsoft. “The second Tuesday of every month will be ‘just another Tuesday.'”

The Windows Autopatch feature works dynamically creating 4 testing rings, each of them representative of all the diversity in an enterprise. The updates are initially tested on a small set of devices, then if the installation creates no problems, the installation is extended to increasingly larger sets, with an evaluation period at each progression.

“The ‘test ring’ contains a minimum number of representative devices. The ‘first’ ring is slightly larger, containing about 1% of all devices under management. The ‘fast’ ring contains about 9% of endpoints, with the rest assigned to the ‘broad’ ring.” continues the announcement.

Windows Autopatch was designed to work with all supported versions of Windows 10, Windows 11, and Windows 365 for Enterprise. The feature will not be available for Windows Server OS and Windows 365 for Business.

Below are a couple of FAQs published by the company:

How does Windows Autopatch ensure updates are done successfully?
Updates are applied to a small initial set of devices, evaluated, and then graduated to increasingly larger sets, with an evaluation period at each progression. This process is dependent on customer testing and verification of all updates during these rollout stages. The outcome is to assure that registered devices are always up to date and disruption to business operations is minimized, which will free an IT department from that ongoing task.

What happens if there is an issue with an update?
If an issue is encountered, the Autopatch service can be paused by the customer or the service itself. When applicable, a rollback will be applied or made available.

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: 
https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Autopatch)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment