Microsoft announced Windows Autopatch for enterprise customers back in April to take charge of update deployments and reduce the burden on IT admins.
Windows Autopatch is a service in which Microsoft uses deployment tools like Windows Update for Business (WUfB) on your organization's behalf to ensure that Windows 10, Windows 11, Microsoft Edge, Teams, and other Microsoft 365 services are automatically updated. This includes the creation of testing rings, monitoring health, and rolling back updates if needed. The service rolled out generally in July, and today, Microsoft has shared some details about the new features that it has added to Windows Autopatch recently.
For starters, Microsoft introduced application-based authentication through its app Modern Workplace Management. This certificate-powered authentication mechanism ensures that you don't need to worry about password rotation, extraneous service accounts, and complex Conditional Access (CA) policies. Microsoft has assured customers that if they were backing out of using Windows Autopatch because of the aforementioned reasons, they should give it another go now.
Microsoft has also made the process of post-registration device readiness simpler. Devices that do not meet pre-requisites for Windows Autopatch enrollment are now shown in a new "Not registered" tab whereas those with conflicting policies blocking them from receiving updates show up in the "Not ready" tab. You will also be able to click on the devices mentioned on either of these tabs to get specific solutions tailored to each of them.
Finally, Windows Autopatch quality updates reporting is now live, you can find out more about it by watching the video below:
In terms of what's next, Microsoft has teased some Autopatch announcements for its Ignite conference in October. It has also confirmed that it will be rolling out a self-service de-registration process and a new Tenant Management blade soon.