Microsoft's Windows Autopatch brings automated updates for IT admins

Microsoft's Remote help feature
(Image credit: Microsoft)

Microsoft has announced a range of endpoint management features to take the administrative burden away from IT teams, including automated updates, a premium tier of Endpoint Manager and targeted messaging across an organisation.

The first of the new automated services is 'Windows Autopatch', which is designed to free up IT teams by making the management of Windows and Microsoft 365 updates easier. The aim its to minimise the burden of updates for Windows, Edge, and Office and have an automatic process for all company endpoints. The service keeps all devices protected and compliant so that IT teams can focus on other areas of the business.

Autopatch works via a gradual deployment that's meant to prevent overloading on machines. If there are any issues during deployment the service can be stopped and even reversed if it causes significant disruption.

Autopatch will be available from July this year at no additional cost to Windows Enterprise E3 subscribers.

Elsewhere, there are also a number of updates for endpoint management, including 'application management for Microsoft Edge'. This is a BYOD-type feature that aims to help IT teams manage access to corporate resources. It allows managers to configure how data flows in and out of their organisation and also define the treat level on any device.


Bring insights and data closer to customers with edge computing

How to innovate, make faster decisions and provide engaging experiences


This seems to be primarily aimed that those workers logging into company Edge accounts on their own devices, for temporary reasons, such as checking unfinished work or sending last-minute emails, but without creating a security risk.

There will also be a premium version of Microsoft Endpoint Manager, which is aimed at companies that want a zero-trust security model. The first feature for the premium tier is Endpoint Manager Remote, which deals with helpdesk and users connections for hybrid environments.

Company wide messages direct to your device

Finally, IT teams will also have a new communication tool that allows for businesses to send messages to every user device simultaneously through Windows 11. These can be sent directly to users across "various surfaces", according to Microsoft. That includes desktops, lock screens, or even right above a user's taskbar.

The idea is that critical company announcements can be sent as device notifications instead of becoming lost in an email folder. Messages can be sent with customised links and URLs directly from the Endpoint Manager admin centre. A defined target of users is set via an integration with the Azure Active Directory.

Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.