Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Microsoft Makes Windows Autopatch Generally Available

Just ahead of the July 2022 Patch Tuesday, Microsoft has announced the general availability of Windows Autopatch, a new capability that allows enterprises to automate the rollout of Windows and other updates.

Just ahead of the July 2022 Patch Tuesday, Microsoft has announced the general availability of Windows Autopatch, a new capability that allows enterprises to automate the rollout of Windows and other updates.

Initially announced in April, Windows Autopatch is now available to all Microsoft customers with Windows Enterprise E3 and E5 licenses, who can use it to automate the updating of Windows 10, Windows 11, Microsoft Edge, and Microsoft 365 applications.

The general availability of Autopatch does not mean that Patch Tuesday is dead. In fact, the new capability is an extension that aims to improve the updating experience for enterprise customers.

“Microsoft will continue to release updates on the second Tuesday of every month and now Autopatch helps streamline updating operations and create new opportunities for IT pros,” the tech giant says.

Autopatch creates four testing rings to deploy new updates gradually and monitor the environment for any issues that could trigger a rollback. Thus, IT professionals will have less work to do and security updates will be rolled out in a timely manner.

“Essentially, Microsoft engineers use the Windows Update for Business client policies and deployment service tools on your behalf,” Microsoft explains.

The tech giant claims that Autopatch ensures that all quality updates – security, firmware, and functionality updates – will be deployed swiftly, while feature updates – interface or experience changes – will arrive slower, within 30 days for each ring.

Customers will be able to halt updates if certain stability criteria is not met, and will also have a rollback feature, to undo the changes if performance is impacted. Furthermore, customers will be able to select only parts of the update to be installed.

Windows Enterprise E3 and E5 customers looking to get started with Autopatch should go to the Tenant Administration in the Microsoft Endpoint Manager admin center and select “Tenant enrollment” in the Windows Autopatch section.

“Once you’ve enrolled devices into Autopatch, the service does most of the work. But through the Autopatch blade in Microsoft Endpoint Manager, you can fine-tune ring membership, access the service health dashboard, generate reports, and file support requests,” the tech giant notes.

Microsoft claims that Autopatch can eliminate gaps in protection by bringing patches faster to all systems, even if not all administrators might welcome the automation with open hearts.

“Because the Autopatch service has such a broad footprint, and pushes updates around the clock, we are able to detect potential issues among an incredibly diverse array of hardware and software configurations. This means that an issue that may have an impact on your portfolio could be detected and resolved before ever reaching your estate,” the company notes.

Related: Microsoft Dismisses False Reports About End of Patch Tuesday

Related: Windows Autopatch Aims to Make Patch Tuesday ‘Just Another Tuesday’ for Enterprises

Related: Windows Updates Patch Actively Exploited ‘Follina’ Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.