HCL SW Blogs
Select Page

mark twainEarly this month, Microsoft announced Windows Autopatch, a new methodology for distributing Windows 10/11 patches at any time, not just on Patch Tuesday. This has caused some in the internet pundit-sphere to breathlessly claim that Patch Tuesday is dead.

Rumors of the death of Patch Tuesday are premature…

Windows Autopatch will be available in July, so let’s look at the facts as we know them:

  • The optional service is only for Windows 10/11 and Office 365 software. No server OS’s, thrid-party apps or .Net framework components.
  • It requires an E3 license or better.
  • Devices are required to be managed by Intune or under co-management with Intune and SCCM.
  • Azure AD is also required.
  • It employs an interesting algorithm where patches can be phased into 1% of devices, then 10%, then 90%.

The advantage of this new method is that overstretched IT organizations could get critical patches out to remote workers sooner with less effort. While this may progress the security posture of some organizations, it’s uncertain if most enterprise customers will adopt this capability, as they generally do not roll out patches without testing cycles or timing controls and are averse to causing end users to endure multiple reboots (often the case with Microsoft patches).  Many organizations schedule patches in line with strict maintenance windows, meaning consuming patches as they’re released simply wouldn’t work.

Microsoft introduced Patch Tuesday in October 2003 for a reason: to stop driving customers crazy with constant security updates, sometimes happening twice a day. Is this going back in time 20 years? Time will tell. In the meantime, HCL BigFix has long been used by enterprises to safely deploy patches in many ways:

  • BigFix Patch policies can replicate the 1-10-90 algorithm while adding change control.
  • BigFix can do it for all of your operating systems, not just Windows 10/11 and Office 365
  • We also patch hundreds of third-party apps.

Our take: Patch Tuesday is not going away. Not for servers and not for enterprises who need to ensure endpoints remain productive and secure.

The HCL BigFix team will continue to stay abreast of the changes as they are announced by Microsoft as well as customer feedback on this new development. We expect that the power and flexibility of BigFix’s intelligent automation can leverage Windows Autopatch in new and productive ways. Only time will tell.

To learn more about BigFix, Contact us or your BigFix Technical Advisor.

Comment wrap
Further Reading
Continuous Business Benefit Realization with HCL BigFix
Automation | December 13, 2022
Continuous Business Benefit Realization With HCL BigFix
With all my discussions with clients and partners, IT organizations of all sizes are continually challenged to reduce costs and simplify operations.
Preview of BigFix CyberFOCUS Analytics 1.0
Automation | November 7, 2022
Preview of BigFix CyberFOCUS Analytics 1.0 
The BigFix CyberFOCUS Analytics solution is designed to impact big unresolved problems that are the intersection of SecOps, ITOps and the C-Suite.  
FOCUS on Business Management of Cyber Risk
Automation | November 7, 2022
The 100% Secure Computers: FOCUS on Business Management of Cyber Risk
BigFix's FOCUS concepts provide a guide about how your organization strategizes about how cybersecurity and empowers you to find and implement controls that balance the needs of business and security simultaneously.
Filters result by