[German]In a tech community post, Microsoft has introduced some new features that they have introduced for Windows Autopatch. There is a new authentication method that only applies to apps. Furthermore, the article deals with the device enrollment process and the innovations introduced to help solve device issues.
What is Autopatch?
Autopatch for Windows is a service from Microsoft aimed at IT departments that want to keep Windows and Office software up to date on registered endpoints automatically and at no additional cost. Windows Autopatch is able to detect the differences between endpoints used in an organization and dynamically sort them into four test rings.
Each ring comprises a group of devices that can receive updates according to a defined scheme. In the test ring, updates can be installed early and tested on the devices, while patches are distributed to devices in the broad ring only after extensive testing in the enterprise. This makes it possible to define how many devices are included in a ring and when a ring distributes the updates. In doing so, Autopatch provides the following features:
- Pause: Updates are not passed from ring to ring if stability targets are not met.
- Rollback: If devices do not meet performance targets after an update, updates can be automatically rolled back.
- Selectivity: The feature allows parts of an update package to be propagated and parts that do not meet targets to be selectively and automatically paused or rolled back.
Because of the above features, Autopatch has the ability to keep users productive in the event of problems with updates. Microsoft describes the planned Autopatch approach in this Techcommunity article, as well as the features available through this service.
Windows Autopatch can be used as a feature for Windows 10/11 Enterprise E3 (and E5) at no additional cost. Other requirements are for management using Intune:
- Azure Active Directory (Azure AD)
- Microsoft Intune
- Windows 10/11 (supported versions)
For co-management, Configuration Manager version 2010 or higher can also be used. The service had been released in July 2022 (see Microsoft releases autopatch for Windows (July 11, 2022)).
What's new in Autopatch in September 2022
In the September 7, 2022 Techcommunity post What's new in Windows Autopatch: September 2022 Microsoft describes what's new since the release of the first version.
- Application-only authentication: Autopatch began using certificate-based authentication on August 18, 2022, using Microsoft's Modern Workplace Management application. The update removed three service accounts, four groups, and a conditional access policy.
- Post-registration device readiness checks: The device registration process using Windows Autopatch has been simplified. With this update to the device registration flow, IT administrators can easily identify configuration mismatches or other issues in their environments that prevent devices from receiving software updates from Windows Autopatch and take action to resolve them.
- A way to generate reports on registered devices has been introduced. Generating reports on quality updates helps IT administrators with security and compliance issues.
Details can be read in the Techcommunity post. In that post, Microsoft announced more new features for Ignite in October 2022. There were no details, but Windows Autopatch for education and government customers could be available soon. (via)
Cookies helps to fund this blog: Cookie settings