
close
close
For organizations using Windows Update for Business (WUfB) or Windows Update, Microsoft often puts safeguard holds on Windows 10 feature updates to stop devices with known compatibility issues from receiving the updates. As Microsoft works with vendors to resolve the problems, safeguard holds are gradually lifted.
If you use Windows Server Update Services (WSUS), or another service for distributing updates to endpoints, you don’t need to worry about Microsoft’s safeguard holds. You are responsible for making sure that the feature updates you approve for distribution have been properly tested.
advertisment
Update Compliance is an Azure Marketplace app that you can download for free. You can use it with Windows 10 Professional, Enterprise, and Education SKUs. It monitors the update status of your Windows endpoints.
To use Update Compliance, you need an Azure subscription that includes Log Analytics. Update Compliance is ideal for organizations that rely on WUfB to manage Windows Updates because it provides reporting that’s not part of WUfB.
For more information on WUfB, see Why You Should Use Windows Update for Business Instead of Windows Server Update Services and Managing Windows 10 Updates in a Small Businesses Environment.
Microsoft uses telemetry data that it collects from devices to determine whether they are ready for a feature update. Feature updates are usually released twice yearly and can involve a full in-place upgrade of Windows 10.
advertisment
Machine learning is used to process the telemetry data. And if a potential compatibility issue is identified, with either the hardware or a driver, Microsoft blocks the feature update for the device using a safeguard hold.
Before the latest announcement at the end of October, IT administrators were able to see which devices couldn’t update in Update Compliance because of safeguard holds. But now it is possible to see which individual safeguard hold is preventing a device updating.
Two new queries help administrators view information about safeguard holds. “Devices with a safeguard hold” shows device data for all endpoints where safeguard holds are applied. And “Target build distribution of devices with a safeguard hold” shows how many endpoints have safeguard holds applied and which Windows 10 build they are currently running.
advertisment
Update Compliance reports show the safeguard hold IDs in the DeploymentErrorCode column. You can check out safeguard hold IDs and the related issues for each Windows 10 release on the Windows release health dashboard.
Microsoft says information about widely deployed safeguard holds is publicly disclosed. But if a safeguard hold is due to a third-party software or hardware issue, it is often required to comply with confidentiality agreements.
The changes Microsoft has made to Update Compliance are designed to provide a better experience for administrators managing Windows endpoints. The new queries provide greater insight so that IT can understand why devices are not receiving Windows 10 feature updates.
More from Russell Smith
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Windows 10
IT Admins Report Issues With Microsoft Store Version of Quick Assist App
May 16, 2022 | Rabia Noureen
This Week in IT - Windows 10 Gets Search Highlights and Is Microsoft in Hot Water Over Windows Cloud Pricing?
Apr 15, 2022 | Russell Smith
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group