ariaupdated

@gdcsp I don't think so but let me check. It could also be the state the update is in when you run the command (ex. downloaded but not installed vs. pending reboot)

@ariaupdated Great, glad to hear that - I was concerned about our workflow as well. BTW, when upgrading from Win 11 23H2 to 24H2, shutdown.exe didn’t install the update, but it did when moving to 25H2. Is that a design change, or because 25H2 is an enablement package?

@ariaupdated Re: point 3 in blogs.windows.com/windows-inside… - if a restart is performed using shutdown -r, will pending updates still be installed, as they were until now?

@bit_cpt @SCCM_Avenger any idea what is going on here? I thought all roles had report access?

@ariaupdated What GDAP permissions are needed to view the detail for this please?

We have released a new report in #Autopatch to help you evaluate the patching vulnerability risk in your estate, along with some new guidance for how quickly to take patches. #WindowsUpdate techcommunity.microsoft.com/blog/windows-i…

@arovik85 By default, we make safeguards (not offering when we expect an issue to occur) and repairs are automatic with opt-outs available. Would you like an option for fully automatic? (where we manage everything and just provide you regular reports on patch health?)

@arovik85 So today, if you are leveraging Autopatch groups, it will keep the configuration made when configured. Same for the update rings, specific update deployment pages - noting we are updating the default configs for policy creation.

@ryandengstrom @zsattler @acjuelich @bdam555 Are you still seeing this issue?

@zsattler @acjuelich @bdam555 I just checked again. Clicking on the notification without elevating my PIM role shows greyed out and toggled to allow. Elevating my PIM role, then checking again and it is disabled. Deactivating my PIM role, it goes back to greyed out and allowed.

Friendly reminder that in April, the #Autopatch team enabled a tenant-wide #HotPatch policy. That's probably a good thing, but if there's a set of machines you want to exclude for whatever reason, you need to take action before May's Patch Tuesday hits. techcommunity.microsoft.com/blog/Windows-I…

@ryandengstrom @zsattler @acjuelich @bdam555 @mmsmoa Sadly I'm not either this year, but two of the awesome folks on my team (Surabhi and Harman) are there and presenting! 🎉

@zsattler @acjuelich @bdam555 Is @ariaupdated at @mmsmoa? I am unfortunately not there. 😕 #mmsmoa #autopatch #wufb

@KiPos_info Thanks for flagging! Let me follow up in direct messages with you to get tenant ID to investigate. Sorry for the poor support experience. :(

@ariaupdated Working evaluation of other drivers, which is broken for 1.5 months and you can't even get a support agent on that? x.com/i/status/20498…

If there are other things you want to see in Autopatch (aka Autopatch/WUfB/WUfBDS) to help you reduce vulnerabilities in your estate, let us know! :)

This is just phase 1. We'll be making improvements to the report, default configs (such as the recent hotpatch default), short deadline experience to help enable you to meet these new targets. We are also focused on ensuring quality of Windows patches blogs.windows.com/windows-inside…

Check out the new run dialog! It is somehow even more amazing than the use of emojis in the blog announcing it - which is impressive. 💙🦄 Great job @ClintRutkas and team! 🪇

Sharing April highlights as part of your ask for more transparency. Thanks for pushing us forward. Proud to be part of this community. @WindowsInsider flights are live today. aka.ms/WIP-5-1-26Upda…

@MyNameIsMurray I'm glad to hear you figured it out! (And glad it wasn't the update 😅haha)

@ariaupdated NVM! It was coincidence! The theory of Windows Update was a good one, but it turned out to be a setting within an Intune Endpoint Security Firewall policy that was changed as per a Microsoft Secure Score recommendation to prevent local admin merge on the Public network profile.

UGH! Because today wasn't going to be busy enough, suddenly, none of our devices can connect to Miracast adapters, which means most of our teachers can't project in classrooms. Awesome. This is across several Surface and HP models, all at once, so it's something widespread.

@arovik85 @marrrkkkuuu @StevenKister1 @PJ_Marcum @bdam555 What this toggle does is ensures you get a notification when the device first reaching pending reboot. Without it on, the device will still get notifications, just slightly fewer - closer to the reboot taking place / being forced rather than right away.

@marrrkkkuuu @ariaupdated @StevenKister1 @PJ_Marcum @bdam555 But is this toggle actually doing something? What happens if it’s not turned on? Will users still get reboot notifications? I’m confused

techcommunity.microsoft.com/blog/Windows-I… So patch between 3 and 7 days but MS just allowed unlimited update pauses? Mixed signals for sure. @ariaupdated @PJ_Marcum @bdam555 Trust is earned and the past several months have not been good...extending patching runways is a must at the moment.

@arovik85 @StevenKister1 @PJ_Marcum @bdam555 Ack on the defaults, those are something we will be adjusting. The new recommendations, risk assessments (techcommunity.microsoft.com/blog/Windows-I…) are in response to the rapidly changing threat landscape. Previously, we would have recommended the 14 / 28 day SLA and our defaults still match such

@ariaupdated @StevenKister1 @PJ_Marcum @bdam555 With the recommended 5 rings for companies with more than 200 computers, most devices will get the updates after 14-16 days. That's way too long in my opinion... Any comments on this?

@marrrkkkuuu @StevenKister1 @PJ_Marcum @bdam555 As in block it so that user's can't click shutdown/restart without taking the update once they get to deadline or some such?

@ariaupdated @StevenKister1 @PJ_Marcum @bdam555 Will there be associated policies in Intune to configure the new option for “Shutdown, Restart on your term” ?

@marrrkkkuuu @arovik85 @StevenKister1 @PJ_Marcum @bdam555 Yep - this is something we have heard from quite a few folks and we are working on getting you the ability to show more notifications. Hopefully the team gave you that same answer? :)

@ariaupdated @arovik85 @StevenKister1 @PJ_Marcum @bdam555 I just asked the autopatch team about this one today. Specifically looking for a policy option too toggle the “User managed” setting “Notify me when a restart is required to finish updating"

@lalanc01 Check out: learn.microsoft.com/en-us/powershe…

@ariaupdated is there a way to see if a user/device got the WUFB restart notifications? Maybe in a log or event viewer? thks

@arovik85 @StevenKister1 @PJ_Marcum @bdam555 The recommendation today is to configure a 0, 1 day deadline and a 1,2 day grace period. The 2 day grace period will give the most notifications. learn.microsoft.com/en-us/windows/… However, we know many folks want more and that is something we are working on actively.

@ariaupdated @StevenKister1 @PJ_Marcum @bdam555 The big question is: how do you configure reboot notification the right way from intune? there is not good enough ways to let the users know there is a pending reboot. Where can I manage this setting, and why is it not on by default??