When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft: Windows Autopatch is the safest way to upgrade enterprise PCs to Windows 11

Microsoft has pitched Windows Autopatch as the fastest and safest way for commercial Windows 10 PCs to update to Windows 11.

Neowin · with 0 comments

Windows Update

A few hours ago, Microsoft published a guide for IT admins explaining how they can use Intune to upgrade Windows 10 devices to Windows 11, while also migrating from Active Directory (AD) to a cloud-native system like Entra ID. The company has also published a similar guide, but switched the tool to Windows Autopatch, claiming that it is the fastest and safest way for enterprise PCs to update to Windows 11.

For those unaware, Windows Autopatch is a way to automate updates while empowering IT admins to ensure that endpoints are healthy and compliant through ring-based, staggered deployments. IT admins also have the ability to reverse updates easily if something does go wrong.

In the current scenario of upgrading enterprise PCs to Windows 11 using Autopatch, Microsoft has outlined a four-step process. The first involves assessing Windows 11-readiness across your organization, assigning Entra ID groups to devices, and then mapping these groups to rollout rings in Autopatch.

Next, IT admins should segment devices into Windows Autopatch groups, while also defining staggered rollout policies controlled through rollout rings. At a base level, there should be two groups: devices that meet the criteria of Windows 11 and should upgrade to it, and Windows 10 hardware that doesn't meet the criteria and should receive Extended Security Updates (ESUs). Devices should be spread in a logical manner across various rings, with each group having a dedicated update policy.

The third step involves defining the speed of staggered update rollouts. This can be managed through the Intune admin center, which gives you control over sequencing, pace, and deferrals.

Finally, IT admins should monitor the rollout of the Windows 11 update through the Windows Autopatch feature update reporting module. It contains the update status across devices, trendlines within historical views, and remediation guidance for errors. Microsoft believes that this combination of Windows Autopatch groups and Intune is the best way to upgrade to Windows 11, so IT admins should get started right away as support for Windows 10 is ending on October 14, 2025.

Tea for Women
Next Article

Dating safety app Tea spills private chats in new leak

Anthropic logo
Previous Article

Claude Code gets throttled as Anthropic rolls out fresh usage caps

0 Comments

Load the comments and join the conversation!

Read the comments, ask the editors questions, show respect and join the conversation.

Click here