For many organizations, Patch Tuesday will soon become "just another Tuesday", because Microsoft is preparing to roll out a new tool that automates the patch management process.
According to the company, the new Windows Autopatch service will keep all business computers and Office software up to date automatically.
Customers with at least a Windows 10 or Windows 11 Enterprise E3 license will be eligible for the new service, which is set to go live in July.
Three rings of devices
"This service will keep Windows and Office software on enrolled endpoints up-to-date automatically, at no additional cost. The second Tuesday of every month will be 'just another Tuesday',” Lior Bela, Senior Product Marketing Manager at Microsoft, wrote in a blog post.
"Windows Autopatch manages all aspects of deployment groups for Windows 10 and Windows 11 quality and feature updates, drivers, firmware, and Microsoft 365 Apps for enterprise updates."
Updating all endpoints in an enterprise can sometimes be a gargantuan task, as organizations can have hundreds, if not thousands of devices. To ensure the process always goes smoothly, Microsoft Autopatch will split the devices into four groups, or “testing rings”.
The first test ring will count roughly 1% of all devices. The second one, also called the “fast ring”, will count 9%, while the “broad ring” will cover the remaining 90%.
The service will make sure the percentage ratio always stays the same, regardless of the number of devices coming in and out of the network.
The test ring will be the first to receive the updates. With additional features, such as Halt and Rollback, Microsoft wants to limit the opportunity for a patch to cause issues with a large number of devices.
"Whenever issues arise with any Autopatch update, the remediation gets incorporated and applied to future deployments, affording a level of proactive service that no IT admin team could easily replicate. As Autopatch serves more updates, it only gets better," Bela explained.
Via BleepingComputer