Bewerken

Delen via


What is Windows Autopatch?

Important

In September, Windows Update for Business deployment service unified under Windows Autopatch. Unification is going through a gradual rollout over the next several weeks. If your experience looks different from the documentation, you didn't receive the unified experience yet. Review Prerequisites and Features and capabilities to understand licensing and feature entitlement.

Windows Autopatch is a cloud service that automates Windows, Microsoft 365 Apps for enterprise, Microsoft Edge, and Microsoft Teams updates to improve security and productivity across your organization.

Unique to Windows Autopatch

Rather than maintaining complex digital infrastructure, businesses want to focus on what makes them unique and successful. Windows Autopatch offers a solution to some of the challenges facing businesses and their people today:

  • Close the security gap: Windows Autopatch keeps software current, there are fewer vulnerabilities and threats to your devices.
  • Close the productivity gap: Windows Autopatch adopts features as they're made available. End users get the latest tools to amplify their collaboration and work.
  • Optimize your IT admin resources: Windows Autopatch automates routine endpoint updates. IT pros have more time to create value.
  • On-premises infrastructure: Transitioning to the world of software as a service (SaaS) allows you to minimize your investment in on-premises hardware since updates are delivered from the cloud.
  • Onboard new services: Windows Autopatch makes it easy to enroll and minimizes the time required from your IT Admins to get started.
  • Minimize end user disruption: Windows Autopatch releases updates in sequential deployment rings, and responding to reliability and compatibility signals, user disruptions due to updates are minimized.

Windows Autopatch helps you minimize the involvement of your scarce IT resources in the planning and deployment of updates for Windows, Microsoft 365 Apps, Microsoft Edge, or Teams. Windows Autopatch uses careful rollout sequences and communicates with you throughout the release, allowing your IT Admins can focus on other activities and tasks.

Features and capabilities

Business Premium and A3+ licenses

Important

The information in section applies to Business premium, A3+, E3+ and F3 licenses. For more information, see Features and capabilities and Licenses and entitlements.

The goal of Windows Autopatch is to deliver software updates to registered devices; the service frees up IT and minimizes disruptions to your end users. Once a device is registered with the service, you have access to the following features through the Microsoft Intune admin center:

Features included with Business Premium and A3+ licenses Description
Update rings You can manage Update rings for Windows 10 and later devices with Windows Autopatch. For more information, see Manage Update rings.
Windows quality updates With Windows Autopatch, you can manage Windows quality update profiles for Windows 10 and later devices. You can expedite a specific Windows quality update using targeted policies.
Windows feature updates Windows Autopatch provides tools to assist with the controlled roll out of annual Windows feature updates.
Driver and firmware updates You can manage and control your driver and firmware updates with Windows Autopatch.
Hotpatch updates Install Monthly B release security updates without requiring you to restart the device.
Intune reports Use Intune reports to monitor the health and activity of endpoints in your organization.
Hotpatch quality update report Hotpatch quality update report provides a per policy level view of the current update statuses for all devices that receive Hotpatch updates.

Important

Microsoft 365 Business Premium and Windows 10/11 Education A3 or A5 (included in Microsoft 365 A3 or A5) do not have access to all Windows Autopatch features. For more information, see Features and capabilities.

Windows Enterprise E3+ and F3 licenses

Important

The information in this article or section only applies if you have Windows Enterprise E3+ or F3 licenses (included in Microsoft 365 F3, E3, or E5) licenses and have activated Windows Autopatch features.

Feature activation is optional and at no additional cost to you if you have Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5) licenses.

For more information, see Licenses and entitlements. If you choose not to go through feature activation, you can still use the Windows Autopatch service for the features included in Business premium and A3+ licenses.

In addition to the features included in Business Premium and A3+ licenses, if you have Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5), you have access to all of Windows Autopatch features in your tenant. When you activate Windows Autopatch, you have access to the following features through the Microsoft Intune admin center:

Features included in Windows Enterprise E3+ and F3 licenses Description
Autopatch groups You can manage update deployment based on your audience.

An Autopatch group is a logical container or unit that groups several Microsoft Entra groups, and software update policies, such as Update rings policy for Windows 10 and later and feature updates policy for Windows 10 and later policies.

For more information about workloads supported by Autopatch groups, see Software update workloads.

Windows quality updates In addition to the Business Premium and A3+ capabilities, Windows Autopatch:
Multi-phase release policies with feature updates In addition to the Business Premium and A3+ capabilities, with Windows Autopatch, you can create customizable feature update deployments using multiple phases for your existing Autopatch groups. These phased releases can be tailored to meet your organizational unique needs.
Driver and firmware updates In addition to the Business Premium and A3+ capabilities, with Windows Autopatch, you can:
  • Choose to receive driver and firmware updates automatically, or self-manage the deployment
  • Control the flow of all drivers to an Autopatch group or rings within an Autopatch group
  • Control the flow of a specific driver or firmware across your entire tenant via approvals
  • Approve and deploy other drivers and firmware that previously couldn’t be centrally managed
Microsoft 365 Apps for enterprise updates Windows Autopatch aims to keep at least 90% of eligible devices on a supported version of the Monthly Enterprise Channel (MEC).
Microsoft Edge updates Windows Autopatch configures eligible devices to benefit from Microsoft Edge's progressive rollouts on the Stable channel.
Microsoft Teams updates Windows Autopatch allows eligible devices to benefit from the standard automatic update channel.
Policy health and remediation When Windows Autopatch detects policies in the tenant are either missing or modified that affects the service, Windows Autopatch raises alerts and detailed recommended actions to ensure healthy operation of the service.
Enhanced Windows quality and feature update reports and device alerts Using Windows quality and feature update reports, you can monitor and remediate managed devices that are Not up to Date and resolve any device alerts to bring managed devices back into compliance.
Submit support requests with the Windows Autopatch Service Engineering Team When you activate additional Autopatch features, you can submit, manage, and edit support requests.

Communications

To stay informed of new and changed features and other announcements, navigate to Microsoft 365 admin center > Message center.

Accessibility

Microsoft remains committed to the security of your data and the accessibility of our services. For more information, see the Microsoft Trust Center and the Office Accessibility Center.

Have feedback or would like to start a discussion?

You can provide feedback or start a discussion in our Windows Autopatch Tech Community.