Microsoft Unveils Improved Controls for Windows Autopatch Management

Windows 11

Key Takeaways:

  • Organizations can now import their Microsoft Intune Update rings for Windows 10 and later into Windows Autopatch management.
  • Windows Autopatch is also getting the ability to set service-level patch objectives based on the organization’s defined update rings.
  • Microsoft has also improved patch compliance reporting with a refreshed cycle of every 30 minutes.

Microsoft has announced notable enhancements for its Windows Autopatch service. The biggest change in this release is the ability for commercial customers to use their existing update rings with Windows Autopatch.

Microsoft has introduced a new feature that enables organizations to import their existing Intune Update rings for Windows 10 or later into Windows Autopatch management. It lets customers make use of Windows Autopatch’s reporting and device readiness without having to redeploy or modify existing update rings. Keep in mind that all devices associated with an imported ring will be automatically registered into Windows Autopatch.

Windows Autopatch is a service that allows administrators to manage updates for end users in their organization. With the update ring feature, Windows updates can be tested with a smaller group of users ahead of the broader deployment. IT admins can create up to 15 unique deployment rings for different groups of devices.

How to import update rings for Windows 10 and later into Windows Autopatch

To import Update rings for Windows 10 and later, Microsoft says that IT administrators will need to follow the steps mentioned below:

  • Go to the Microsoft Intune admin center and select Devices from the left navigation menu.
  • Click the Release management option available under the Windows Autopatch section.
  • Select the Release schedule tab and then select Windows quality updates.
  • Click the Import Update rings for Windows 10 and later option.  
  • Choose the existing rings and then click the Import button.

Patch service level objectives based on update rings

Microsoft has added a new feature that allows customers to set service-level objectives for devices that are updated with Windows patches. Previously, Windows Autopatch used a static approach where at least 95 percent of eligible devices should be on the latest Windows quality update within 21 days after the release date. However, Microsoft has now introduced a new approach that measures patch success based on the update rings defined by the organization.

Windows Autopatch patch compliance reporting

Lastly, Microsoft has announced a change in the refresh cycle for Windows Autopatch reporting. Previously, the refresh cycle occurred every 24 hours, but Microsoft has now changed it to every 30 minutes. The Windows Autopatch reporting feature is designed to provide IT admins with detailed information on patch compliance status. The latest update will enable Windows Autopatch to support multiple data streams that are used for patch compliance reporting.