Microsoft to kill Patch Tuesday for some enterprise customers
The firm plans to launch its Windows Autopatch service for enterprise customers with Windows 10 or Windows 11 Enterprise E3 licenses; it’s going to repeatedly deploy patches, eliminating the necessity for admins to manually deploy them.
![A hand flicks on an update switch. [ software update / fix / patch ]](https://images.idgesg.net/images/article/2020/08/hand_flicks_on_update_switch_software_update_fix_patch_by_stadtratte_gettyimages-1140137377_2400x1600-100854510-large.jpg?auto=webp&quality=85,70)
Stadtratte / Getty Images
Microsoft is planning to launch a brand new instrument that may automate the patch administration course of, all however eliminating Patch Tuesdays for a lot of organizations.
The firm’s new Windows Autopatch service will hold enterprise computer systems repeatedly up to date as a part of a brand new function included with the Windows Enterprise E3 subscription service.
Organizations operating methods with a Windows 10 or Windows 11 Enterprise E3 license might be eligible for the brand new patch service, which is anticipated to be usually accessible in July.
“This service will keep Windows and Office software on enrolled endpoints up-to-date automatically, at no additional cost,” Lior Bela, senior product advertising and marketing supervisor at Microsoft, wrote in a weblog publish. “IT admins can acquire time and sources to drive worth. The second Tuesday of each month might be ‘simply one other Tuesday.'”
Microsoft
The Microsoft Autopatch function requires one click on approval to being working.
Patch Tuesday (extra lately known as Update Tuesday) is a colloquial time period used within the IT trade to discuss with when Microsoft and others sometimes launch spot repairs to their working system and different software program. Patch Tuesday is all the time the second Tuesday of every month.
Microsoft mentioned it’s automating software program updates in response to the “evolving nature of technology.” For instance, the pandemic elevated demand for extra distant or hybrid work, making efficiency and safety updates much more essential, as methods are extra typically exterior a corporation’s firewall.
“The value should be felt immediately by IT admins who won’t have to plan update rollout and sequencing, and over the long term as increased bandwidth allows them more time to focus on driving value,” Bela mentioned. “Quality updates should enhance device performance and reduce help-desk tickets — feature updates should give users an optimal experience, with increased uptime and new tools to create and collaborate.”
Dan Wilson, a senior analysis director at Gartner, mentioned there’s unmet demand for endpoint patching providers as conventional outsourcers are likely to favor extra full-service choices.
“Autopatch can tackle the frequent problem of conserving tempo with Windows and Office updates. The $0 price ticket ought to make it enticing to not less than take a look at. Third-party utility patching is the opposite problem, however that isn’t presently in scope for Autopatch,” Wilson mentioned in an electronic mail reply to Computerworld.
Windows Autopatch will be capable to detect variations amongst endpoints, and place them into 4 “test rings” or teams, after which dynamically examine them for needed updates.
First there might be a “test ring” containing a minimal variety of gadgets which are consultant of all of the sorts of gadgets and configurations beneath administration. The subsequent ring is barely bigger, containing about 1% of all gadgets beneath administration. A 3rd “quick” ring incorporates about 9% of endpoints, and the remaining 90% of gadgets might be assigned to a “broad” ring. The percentages don’t change as gadgets are added or faraway from the service community.
The level of the 4 rings is to make sure there aren’t any software program points related to firmware or software program updates. As every group passes the exams, the updates are put in till all of a corporation’s gadgets are patched.
Wilson famous that Autopatch follows ring-based deployment finest practices with the flexibility to halt and roll-back ought to points come up, and minimal license necessities (Windows E3 or up) should not be a difficulty “as most have or are upgrading to Microsoft 365 bundles that embody this.”
“And the requirement to be enrolled in or co-managed by Intune and in Azure shouldn’t be a significant concern at this level,” Wilson mentioned. “Whether or not Autopatch is best than leveraging automated replace capabilities already inside Microsoft Endpoint Manager, Windows Update for Business and the Office 365 admin console is unclear, Wilson mentioned. “They attempt to tackle that on their Windows Autopatch FAQ web page, he mentioned.
Windows Autopatch will handle all points of machine group deployments for Windows 10 and Windows 11 high quality and have updates, drivers, firmware, and Microsoft 365 Apps for enterprise updates, Bela mentioned.
From an endpoint administration standpoint, the principle prerequisite for Autopatch is Intune or co-management. The service has a built-in readiness evaluation instrument that may examine related settings in Intune, Azure Active Directory, and Microsoft 365 Apps for Enterprise to see that they’re configured to work with Autopatch.
The on-line instrument checks all of a corporation’s settings in Microsoft Endpoint Manager — particularly, Microsoft Intune, Azure Active Director and Microsoft 365 — to make sure they’ll work with the Autopatch service. If any settings flip up as “not prepared” the service has click-through directions on the way to resolve points, Microsoft mentioned.
“After providing consent, Microsoft completes all the other steps for you automatically, and will manage creating the right policies and groups so that updates are ready to be deployed,” Mark Florida, principal engineering product supervisor at Microsoft mentioned in a video presentation. “Talk about saving time. Imagine doing all the policy configuration and group definitions yourself.”
