Microsoft tells admins to autoreview your Autopatch alerts or autolose the service

Microsoft is updating a service introduced last year that shifts the responsibility of patching Windows devices from IT admins to the vendor itself.

Redmond in April 2022 unveiled Windows Autopatch to automate updates to endpoints, but still giving administrators controls to adapt or make changes as needed. When it was first introduced – it became generally available three months later – Microsoft said that "for organizations who select this option, the second Tuesday of every month will be 'just another Tuesday.'"

The company this week confirmed updates to the service, including enhancements to the Tenant management blade, which is used to alert admins of actions that they need to take to maintain the overall heath of the service. In this case, Autopatch beginning in May will include the ability to alert them to expired licenses that need to be renewed or replaced to retain access to Autopatch.

Another alert warns about access-related issues that would mean Autopatch would no longer manage the enterprise's tenant.

The management blade can also tag Autopatch as "inactive" in a tenant if there are actions that need to be taken. To see if there are alerts that need addressing, Microsoft is urging IT admins to check the Tenant management section and click on a banner displayed in the "Windows Autopatch Devices" blade, according to Lior Bela, senior product strategy and marketing manager for Autopatch, Intune Suite, and MMD.

"If you have no actions that need to be taken, there is no effect on your tenant," Bela wrote. "However, if the service has identified actions for you to take, you must act to avoid interruption with the Windows Autopatch service."

• Microsoft adds chatbots to Teams for the Pentagon
• Microsoft uses carrot and stick with Exchange Online admins
• Microsoft Defender shoots down legit URLs as malicious
• Oh, really? Microsoft worries multicloud complicates security and identity

Redmond is also rolling out new Autopatch features that are in public preview and will be generally available May 1. Among them is Windows Autopatch Groups, letting IT admins create their own sets of deployment rings – the way Autopatch staggers updates to enable administrators to ensure endpoints are compliant – and the cadence of deployments.

They can better manage updates using the Groups feature when creating new Windows update deployments and provide insights into update compliance, deployment status, and update failure for Autopatch's existing reporting functions.

Admins can also have Autopatch restore policies and deployment rings when needed.

The new capabilities are part of Microsoft's plan to give admins the tools to oversee the process and make changes even though Autopatch automates the actual patching of the Windows PCs, servers, and other endpoints.

A year ago, Bela wrote that the "development of Windows Autopatch is a response to the evolving nature of technology. Changes like the pandemic-driven demand for increased remote or hybrid work represent particularly noteworthy moments but are nonetheless part of a cycle without a beginning or end."

Installing the myriad patches that Microsoft puts out every month takes time and resources, which can slow down patching and lead to security and productivity issues. Automating the process can help alleviate some of the time pressures and accelerate patching, Bela wrote. ®