{"id":19142,"date":"2025-05-15T09:05:00","date_gmt":"2025-05-15T16:05:00","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=19142"},"modified":"2026-01-12T09:30:34","modified_gmt":"2026-01-12T17:30:34","slug":"transforming-our-approach-to-patch-management-at-microsoft","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/","title":{"rendered":"Transforming our approach to patch management at Microsoft"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Computer security updates, commonly referred to as \u201cpatches,\u201d are a crucial aspect of the IT operations of every large organization today. As a global software company with more than 230,000 employees worldwide, we at Microsoft are no different.<\/p>\n\n\n\n<aside class=\"wp-block-group aside-for-guide has-white-200-background-color has-background has-global-padding is-content-justification-right is-layout-constrained wp-container-core-group-is-layout-3f1abf08 wp-block-group-is-layout-constrained\" style=\"border-radius:10px;padding-top:var(--wp--preset--spacing--spacing-12);padding-right:var(--wp--preset--spacing--spacing-12);padding-bottom:var(--wp--preset--spacing--spacing-12);padding-left:var(--wp--preset--spacing--spacing-12)\">\n<div class=\"wp-block-group is-nowrap is-layout-flex wp-container-core-group-is-layout-298f84b7 wp-block-group-is-layout-flex\" style=\"margin-top:0;margin-bottom:0;padding-top:0;padding-bottom:0\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"132\" height=\"132\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/10\/Engage-with-our-experts_blogs.png\" alt=\"\" class=\"wp-image-20636\" style=\"width:48px\"\/><\/figure>\n\n\n\n<p class=\"has-body-lg-font-size wp-block-paragraph\"><strong>Engage with our experts!<\/strong><\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-4)\">Customers or Microsoft account team representatives from Fortune 500 companies are welcome to <a href=\"mailto:msitstaff@microsoft.com\">request a virtual engagement<\/a> on this topic with experts from our Microsoft Digital team.<\/p>\n<\/aside>\n\n\n\n<p class=\"wp-block-paragraph\">Like most aspects of our IT services journey, our security and patch management story is deeply connected with cloud computing, automation, and, most recently, AI technology. It\u2019s a story that embraces continuous improvement and innovations that are saving our IT admins and users time and hassle while deterring attacks and enhancing security across the organization.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With the development of services like Windows Update client policies (formerly known as Windows Update for Business), Azure Update Manager, and Intune Enterprise Application Management, we\u2019re leading the way in offering best-of-breed security solutions that help organizations stay compliant and safe in an increasingly perilous digital world.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The growing threat landscape<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As the developer and provider of Windows, Microsoft 365, Microsoft Azure cloud services, and other widely used software technologies, we\u2019re in a unique position to influence and protect the computer systems used by billions of people around the world. And these systems have never been under greater threat by bad actors and cybercriminals than they are today.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u201c<\/strong>Our customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks,\u201d states our <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/security-insider\/intelligence-reports\/microsoft-digital-defense-report-2024\" target=\"_blank\" rel=\"noreferrer noopener\">2024 Digital Defense Report<\/a><strong>. \u201c<\/strong>Microsoft\u2019s unique, expansive, and global vantage point gives us unprecedented insight into key trends in cybersecurity affecting everyone from individuals to nations.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The report also notes that we\u2019ve made digital security our top corporate priority, with more than 34,000 dedicated security engineers across the company.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThe malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world\u2019s best cybersecurity defenders,\u201d Tom Burt, corporate vice president of customer security and trust, says in the report. \u201cWe all can, and must, do better, hardening our digital domains to protect our networks, data, and people at all levels.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With such an unprecedented number of threats, one of our major priorities at Microsoft Digital, the company\u2019s IT organization, is making sure our global network infrastructure and the more than 750,000 devices accessing our network are always up to date and compliant with the latest software patches. As Customer Zero for our software products, we strive to remain on the cutting edge of the latest cybersecurity innovations. That means taking advantage of the latest Microsoft tools and processes on server-side and client-side patching.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The world as it was: On-premises IT and manual updates<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">A decade or so ago, much of the world\u2019s computer networks were still being run primarily via on-premises servers and other onsite hardware. Maintaining these systems mostly relied on manual updates by IT administrators, which was a huge drain on time and resources.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cOur patch-management systems back then included Microsoft System Center Configuration Manager (SCCM) and Windows Server Update Services,\u201d says Senthil Selvaraj, a principal group project manager at Microsoft Digital. \u201cWe were doing everything on-premises, managed within the Microsoft tenant onsite.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center\">Patching product history at Microsoft<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"387\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710-timeline-graphic-v2-1024x387.png\" alt=\"Patch management product timeline from 2018 to 2024, including WUFB, .Net core integration with Windows update, WUFB Deployment Service, Visual Studio integration with Windows Update, Autopatch, Intune Driver and Firmware updates, Hotpatch, and Enterprise Application Management. \" class=\"wp-image-19146\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710-timeline-graphic-v2-1024x387.png 1024w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710-timeline-graphic-v2-300x113.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710-timeline-graphic-v2-768x290.png 768w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710-timeline-graphic-v2-1536x581.png 1536w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710-timeline-graphic-v2-2048x775.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>A wave of new tools has transformed our approach to patch management in the last several years.<\/em><\/figcaption><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">This meant that simply downloading and installing the routine security patches that were released each month was a major task for the company\u2019s thousands of IT admins.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThe admins used to have to download the updates, validate them, approve them, and then push them out to devices,\u201d says Harshitha Digumarthi, a senior product manager with Microsoft Digital. \u201cIt used to take a considerable amount of time each month for these processes. There was no proper automation in place.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As the IT world shifted to cloud solutions and more modern software management approaches, the patching process needed to shift with it, Selveraj notes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cAs we moved everything to the cloud, we leveraged modern Microsoft tools such as Intune, OneDrive for Business, SharePoint, etc.,\u201d he says. \u201cAnd we were also helping our customers move through that process as well. This is in keeping with the overall Microsoft vision of continuous improvement.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The journey to modern patch management on Windows<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">In 2018, we introduced Windows Update for Business (WUFB), a major milestone on the patch management migration journey. The service is now called Windows Update client policies.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">&#8220;We have established programs to pre-validate updates, allowing us to deploy them automatically and simultaneously across all devices, significantly accelerating compliance.&#8221;<\/p>\n<cite><strong>Harshitha Digumarthi, senior product manager, Microsoft Digital<\/strong><\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Of course, like any story of technological progress, nothing happens overnight or in a straight line. As Digumarthi explains, we in Microsoft Digital went through a patch management transition phase, marked by a hybrid systems approach.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u201c<\/strong>We didn\u2019t immediately shift everything from SCCM to Windows Update for Business and Microsoft Intune,\u201d she says. \u201cThere is transitionary stage\u2014known as hybrid AD\u2014where the client devices still have SCCM on them, with Intune running parallel on those devices.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">WUFB ushered in a more efficient and modern approach to patch management.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cIt\u2019s an automated, intelligent service which can identify what updates the device needs, find the applicable updates, and automatically push those updates onto the devices,\u201d Digumarthi says. &nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">She notes that IT admins at other organizations might push these updates out to their devices in phases, often called deployment rings. But at Microsoft, we do them all at once for the entire company, in a program popularly called Patch Tuesday.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe have established programs to pre-validate updates, allowing us to deploy them automatically and simultaneously across all devices, significantly accelerating compliance,&#8221; Digumarthi says.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This control is enabled through Windows Update policies, which allow administrators to manage key actions such as reboot timing. As a result, vulnerabilities are addressed quickly, and all devices are brought into compliance with the latest secure Windows updates.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After establishing a more efficient approach to Windows security patching, we rolled out WUFB Deployment Services in 2021. This process, which brought similar gains in efficiency and automation, handles new Windows features, which are typically released on six-month cycles.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Humberto-Arias.png\" alt=\"A photo of Arias.\" class=\"wp-image-21747\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Humberto-Arias.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Humberto-Arias-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Humberto-Arias-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">&#8220;When vulnerabilities are exploited by malicious actors, even a single compromised bug can cascade rapidly, potentially impacting millions of users. Anticipating and mitigating these risks early is essential to maintaining trust and security.&#8221;<\/p>\n<cite><strong>Humberto Arias, senior product manager, Microsoft Digital <\/strong><\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">According to Digumarthi, a major challenge to patch management for Windows is the number of different versions, including the .Net Framework, .Net Core, Visual Studio, Visual Studio Code, SQL, and more. Over the last few years, we have developed a unified internal-to-Microsoft patching solution to handle all of these various updates.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThese are extremely different streams, so we\u2019ve worked closely with these product groups to bring them all into one update, which we call the unified update,\u201d Digumarthi says. \u201cThis way, the IT admin doesn\u2019t need to deploy all these different updates individually. It\u2019s also completely automated, so it\u2019s much easier for both admins and users to stay up to date and compliant. It\u2019s a huge achievement.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Other important patch automation issues are firmware and driver updates. These updates used to be deployed manually by admins every month, but that changed in 2024.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe now have a new feature, in partnership with Windows and the Intune team, called the Intune Driver and Firmware updates,\u201d Digumarthi says. \u201cIt gives admins a portal where they can simply click a button and approve whatever the latest firmware and driver updates are; no need to manually download, package, and deploy the updates. It\u2019s easier for them to understand, and we\u2019ve seen great patch compliance improvement in this area.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Patch management on the server side<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">While Windows Update client policies handles the client-side updates for the more than 750,000 devices on our corporate network, we also needed a modern solution for patch management on our roughly 50,000 network servers.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Keeping network servers compliant with the latest security updates is extremely important.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe must proactively safeguard our development environments,\u201d says Humberto Arias, senior product manager in Microsoft Digital. \u201cWhen vulnerabilities are exploited by malicious actors, even a single compromised bug can cascade rapidly, potentially impacting millions of users. Anticipating and mitigating these risks early is essential to maintaining trust and security.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The solution is Azure Update Manager (AUM), a product that enables network administrators to deploy and manage all their server security update packages in one stream. AUM also supports hybrid (on-premises and cloud) network environments, which is a competitive advantage.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&nbsp;\u201cA lot of customers like the flexibility and redundancy of multi-cloud environments,\u201d Arias says. \u201cAUM is our one-stop solution for patching all your servers, regardless of where they reside\u2014on-premises, in the cloud, or in hybrid environments. It\u2019s a great advantage of using AUM.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center\">Patching with Azure Update Manager<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"577\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_Azure_Update_Manager_screen-1024x577.png\" alt=\"Azure Update Manager dashboard shows a graphical view of patching status.\" class=\"wp-image-19147\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_Azure_Update_Manager_screen-1024x577.png 1024w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_Azure_Update_Manager_screen-300x169.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_Azure_Update_Manager_screen-768x433.png 768w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_Azure_Update_Manager_screen-1536x865.png 1536w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_Azure_Update_Manager_screen.png 1694w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Azure Update Manager provides a dashboard view where IT admins can easily monitor the patching status of each machine in their network and access a log of every action taken on that server.<\/em><\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">The challenge of patching non-Windows devices<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Microsoft believes in empowering our employees to do their job on the device that works best for them (sometimes called Bring Your Own Device, or BYOD). But that policy opens up the challenge of making sure all those devices meet our security standards, including those running on the MacOS, iOS, and Android platforms.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cPeople do a lot more work on their mobile devices than they used to; we have about 80,000 Android devices and about 150,000 iOS devices that our employees connect to our network with,\u201d says John Philpott, a senior product manager in Microsoft Digital. \u201cWe need to make sure that all these devices have the latest OS security patches, or it puts our network at risk.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The tricky part is that because Microsoft doesn\u2019t make the operating systems, we can\u2019t consistently manage the device environment or the patches themselves. Instead, the common approach in this situation is to make sure that employees know about the latest patches for their device and enforce compliance by controlling their access to the Microsoft corporate network. Getting employees to voluntarily keep their devices up to date is critically important.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/John-Philpott.png\" alt=\"A photo of Philpott.\" class=\"wp-image-21751\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/John-Philpott.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/John-Philpott-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/John-Philpott-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">&#8220;We want to make sure all the Microsoft apps are up to date on mobile, but we\u2019re also making a big push to enforce third-party app patching as well. If someone exploits an app like Adobe Acrobat that can be a threat to our security, so we want users running the latest versions of all the major apps.&#8221;<\/p>\n<cite><strong>John Philpott, senior product manager, Microsoft Digital<\/strong><\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">The frequency and requirements for installing the updates depends on the platform.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cFor Android, how often your phone is updated varies, depending on the manufacturer and model; this makes developing a consistent patching experience a challenge,\u201d Philpott says. \u201cIt\u2019s a balancing act, but we\u2019ve gradually tightened our patch requirements and are educating employees on the best Android devices to choose to meet patching requirements.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Patch enforcement for Apple devices is much tighter, according to Philpott.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cIf there\u2019s a security threat, Apple will quickly make a patch available,\u201d he says. \u201cWe have a standard process of enforcing compliance within 14 days. We tell our users that if they haven\u2019t installed the update after 12 days, we\u2019ll install the patch and enforce a reboot. If the device has not been patched after 14 days, we\u2019ll remove their network access.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The other area of mobile device patching that has received increased scrutiny in recent years is applications, both our first-party apps and third-party apps. We work closely with the Microsoft Intune product group to make sure that these apps are patched as frequently as possible.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe do a lot of discussions with the Intune team about how we can enforce these updates,\u201d Philpott says. \u201cWe want to make sure all the Microsoft apps are up to date on mobile, but we\u2019re also making a big push to enforce third-party app patching as well. If someone exploits an app like Adobe Acrobat that can be a threat to our security, so we want users running the latest versions of all the major apps.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Autopatch and hotpatching<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Our patch management journey is one of helping develop solutions that automate security and feature updates as much as possible, reducing the strain on IT resources. As part of these efforts, we work closely with the Microsoft product groups as Customer Zero for their update offerings. One prominent step on this journey was the introduction of Windows Autopatch in 2022.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Windows Autopatch is a cloud service for enterprise customers that automates the updates to Windows, Microsoft 365, Microsoft Edge, and Microsoft Teams. It also offers greater control for patching different groups of devices on different schedules.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cAutopatch offers admins a single-pane view where they can manage the patches across their organization, from the same perspective,\u201d says Katie Yao, a senior product manager on the Autopatch team. \u201cAnd with Autopatch Groups, they can dynamically assign users to different groups, which gives them a lot of flexibility on how and when devices are updated.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Another innovation that the Autopatch service offers is hotpatching. This feature helps IT teams keep devices secure without the usual disruption of monthly reboots. Security updates are applied immediately in the background. This means fewer interruptions for users and less coordination effort for admins\u2014especially in environments where uptime is critical.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Katie-Yao.png\" alt=\"A photo of Yao.\" class=\"wp-image-21784\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Katie-Yao.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Katie-Yao-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Katie-Yao-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cCustomers were telling us that rebooting all devices every month was too much in some cases. So, we\u2019ve moved to a process where they get the updates every month, but they only need to reboot the machines once every three months. This way they get the latest security and feature updates, but they don\u2019t need to reboot their devices as often.&#8221;<\/p>\n<cite><strong>Katie Yao, senior product manager, Autopatch<\/strong><\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">For IT admins managing a large volume of devices, this is a big win. Hotpatching reduces the amount of time it takes to achieve security compliance across the whole environment, with no delays or deferrals.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cCustomers were telling us that rebooting all devices every month was too much in some cases,\u201d Yao explains. \u201cSo, we\u2019ve moved to a process where they get the updates every month, but they only need to reboot the machines once every three months. This way they get the latest security and feature updates, but they don\u2019t need to reboot their devices as often.\u201d<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">The future of patch management<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Our patch management story continues to evolve as we apply the latest tools and technologies to our processes at Microsoft Digital. <\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Senthil-Selvaraj.png\" alt=\"A photo of Selvaraj.\" class=\"wp-image-21755\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Senthil-Selvaraj.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Senthil-Selvaraj-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/Senthil-Selvaraj-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">&#8220;AI tools are the next stage in our continuous improvement process for patch management. We\u2019re currently working on a new solution called Device Care, which is a tool that leverages AI to monitor, predict, and resolve device and infrastructure issues for admins and employees.&#8221;<\/p>\n<cite><strong>Senthil Selvaraj, principal group project manager, Microsoft Digital<\/strong><\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">We see great opportunities for industry-wide improvements, such as with application patching.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThe Intune Enterprise Application Management solution is a huge opportunity for us,\u201d Selvaraj says. \u201cRight now, there\u2019s a gap in how applications are managed across large organizations\u2014are they healthy? Are they vulnerable? Are they up to date? We hope that this solution will address these needs.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Of course, just as with many aspects of today\u2019s software development, the future of patching will be greatly impacted by AI innovations.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cAI tools are the next stage in our continuous improvement process for patch management,\u201d Selvaraj notes. \u201cWe\u2019re currently working on a new solution called Device Care, which is a tool that leverages AI to monitor, predict, and resolve device and infrastructure issues for admins and employees. Another AI tool in this space is Microsoft Security Copilot, which helps with daily security operations.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">And as the computer security landscape evolves, with more frequent and more sophisticated attacks coming every day, we\u2019ll continue to refine and develop our patching tools and strategies. It\u2019s the only way to ensure that our networks and devices\u2014and those of our customers\u2014remain as secure as possible.<\/p>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Key-takeaways-badge.png\" alt=\"\" class=\"wp-image-19493\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Key-takeaways-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Key-takeaways-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Key takeaways<\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Here are some tips to help guide your own organization\u2019s patch management approach:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Stay alert to risk.<\/strong>&nbsp;The rapidly increasing size and scale of the cybersecurity threat landscape has intensified the need for more sophisticated patching solutions.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Educate your employees.<\/strong>&nbsp;Making sure that everyone in your organization is aware of the importance of keeping devices up to date with the latest patches is a key part of your overall security strategy.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Save time and resources with automated updates.<\/strong>&nbsp;Windows Update client policies (formerly WUFB) offers automated patching, which can greatly reduce the amount of time your IT admins must spend identifying, configuring, and deploying updates.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Update your infrastructure where it lives.&nbsp;<\/strong>Azure Update Manager provides a powerful, flexible patching solution that works for on-cloud, on-premises, and hybrid network infrastructures.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Adapt to a flexible device environment.<\/strong>&nbsp;Mobile-device patching can be a complex challenge, especially if your organization embraces a Bring Your Own Device philosophy. Services like Microsoft Intune can ensure that devices are well-managed and kept up to date on the latest security fixes.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Maintain availability.<\/strong>&nbsp;If you have critical servers and devices that you don\u2019t want to reboot every month, consider a hotpatching approach that keeps your devices updated without rebooting.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Take advantage of intelligent patching solutions.<\/strong>&nbsp;AI advances promise even greater innovation to come in the patching space, including services like Microsoft Device Care, Security Copilot, and Enterprise Application Management.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge.png\" alt=\"\" class=\"wp-image-19492\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Try it out<\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/azure.microsoft.com\/en-us\/products\/azure-update-management-center?OCID=InsideTrack_Product_10710\" target=\"_blank\" rel=\"noreferrer noopener\">Sign up for a free trial of Azure Update Manager<\/a> and <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/deployment\/update\/waas-manage-updates-wufb?OCID=InsideTrack_Product_10710\" target=\"_blank\" rel=\"noreferrer noopener\">explore Windows Update client policies<\/a>.<\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge.png\" alt=\"\" class=\"wp-image-19491\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Related links<\/p>\n<\/div>\n\n\n\n<ul style=\"margin-top:var(--wp--preset--spacing--spacing-20)\" class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-security-and-compliance-at-microsoft-with-windows-hotpatch\/\">Check out our approach to changing security and compliance at Microsoft with Windows Hotpatch.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/harnessing-first-party-patching-technology-to-drive-innovation-at-microsoft\/\">Learn how we\u2019re harnessing first-party patching technology at Microsoft.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/migrating-from-microsoft-monitoring-agent-to-azure-arc-and-azure-update-manager-at-microsoft\/\">Read about our experience migrating from Microsoft Monitoring Agent to Microsoft Azure Arc and Azure Update Manager.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/sharing-how-microsoft-protects-against-ransomware\/\">Discover how we\u2019re protecting Microsoft from ransomware attacks.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transitioning-to-modern-access-architecture-with-zero-trust\/\">Find out how we\u2019re transitioning to modern access architecture with our Zero Trust principles.<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge.png\" alt=\"\" class=\"wp-image-19490\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">We&#8217;d like to hear from you!<\/p>\n<\/div>\n\n\n\n<ul style=\"margin-top:var(--wp--preset--spacing--spacing-20)\" class=\"wp-block-list is-style-list-no-bullets\">\n<li class=\"wp-block-list-item\"><a href=\"mailto:msitstaff@microsoft.com\">Want more information? Email us and include a link to this story and we\u2019ll get back to you.<\/a><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Computer security updates, commonly referred to as \u201cpatches,\u201d are a crucial aspect of the IT operations of every large organization today. As a global software company with more than 230,000 employees worldwide, we at Microsoft are no different. Engage with our experts! Customers or Microsoft account team representatives from Fortune 500 companies are welcome to [&hellip;]<\/p>\n","protected":false},"author":209,"featured_media":19144,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_hide_featured_on_single":false,"_show_featured_caption_on_single":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[71],"tags":[820,597,850,263,115,849,689,848,300],"coauthors":[841],"class_list":["post-19142","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-featured","tag-device-management","tag-employee-experience","tag-end-user-services-and-support","tag-microsoft-365","tag-microsoft-azure","tag-network-and-infrastructure","tag-network-security","tag-security-and-risk-management","tag-windows","m-blog-post"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Transforming our approach to patch management at Microsoft - Inside Track Blog<\/title>\n<meta name=\"description\" content=\"Learn how adopting a continuous improvement mindset and automation is helping us transform how we approach device patch management at Microsoft.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Transforming our approach to patch management at Microsoft - Inside Track Blog\" \/>\n<meta property=\"og:description\" content=\"Learn how adopting a continuous improvement mindset and automation is helping us transform how we approach device patch management at Microsoft.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\" \/>\n<meta property=\"og:site_name\" content=\"Inside Track Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-15T16:05:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-12T17:30:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2300\" \/>\n\t<meta property=\"og:image:height\" content=\"1293\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Hirning\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Hirning\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"15 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\"},\"author\":{\"name\":\"David Hirning\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/e760383087e27b1a34dab6888c00fe20\"},\"headline\":\"Transforming our approach to patch management at Microsoft\",\"datePublished\":\"2025-05-15T16:05:00+00:00\",\"dateModified\":\"2026-01-12T17:30:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\"},\"wordCount\":3054,\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg\",\"keywords\":[\"device management\",\"Employee experience\",\"End user services and support\",\"Microsoft 365\",\"Microsoft Azure\",\"Network and infrastructure\",\"Network Security\",\"Security and risk management\",\"Windows\"],\"articleSection\":[\"Featured\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\",\"name\":\"Transforming our approach to patch management at Microsoft - Inside Track Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg\",\"datePublished\":\"2025-05-15T16:05:00+00:00\",\"dateModified\":\"2026-01-12T17:30:34+00:00\",\"author\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/e760383087e27b1a34dab6888c00fe20\"},\"description\":\"Learn how adopting a continuous improvement mindset and automation is helping us transform how we approach device patch management at Microsoft.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg\",\"width\":2300,\"height\":1293,\"caption\":\"We\u2019re continuously improving and automating our approach to patch management to ensure our network and devices are as secure as possible.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Transforming our approach to patch management at Microsoft\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/\",\"name\":\"Inside Track Blog\",\"description\":\"How Microsoft does IT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/e760383087e27b1a34dab6888c00fe20\",\"name\":\"David Hirning\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/a9c9517e077d0a2cab05c61c242f45fe43c4347fe57ab87cb88ce6ec843c3854?s=96&d=mm&r=gc7c1a3ec3eb99a661ac29f1f96fa7024\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a9c9517e077d0a2cab05c61c242f45fe43c4347fe57ab87cb88ce6ec843c3854?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a9c9517e077d0a2cab05c61c242f45fe43c4347fe57ab87cb88ce6ec843c3854?s=96&d=mm&r=g\",\"caption\":\"David Hirning\"},\"url\":\"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/dhirning\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Transforming our approach to patch management at Microsoft - Inside Track Blog","description":"Learn how adopting a continuous improvement mindset and automation is helping us transform how we approach device patch management at Microsoft.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/","og_locale":"en_US","og_type":"article","og_title":"Transforming our approach to patch management at Microsoft - Inside Track Blog","og_description":"Learn how adopting a continuous improvement mindset and automation is helping us transform how we approach device patch management at Microsoft.","og_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/","og_site_name":"Inside Track Blog","article_published_time":"2025-05-15T16:05:00+00:00","article_modified_time":"2026-01-12T17:30:34+00:00","og_image":[{"width":2300,"height":1293,"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg","type":"image\/jpeg"}],"author":"David Hirning","twitter_card":"summary_large_image","twitter_misc":{"Written by":"David Hirning","Est. reading time":"15 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/"},"author":{"name":"David Hirning","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/e760383087e27b1a34dab6888c00fe20"},"headline":"Transforming our approach to patch management at Microsoft","datePublished":"2025-05-15T16:05:00+00:00","dateModified":"2026-01-12T17:30:34+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/"},"wordCount":3054,"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg","keywords":["device management","Employee experience","End user services and support","Microsoft 365","Microsoft Azure","Network and infrastructure","Network Security","Security and risk management","Windows"],"articleSection":["Featured"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/","name":"Transforming our approach to patch management at Microsoft - Inside Track Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg","datePublished":"2025-05-15T16:05:00+00:00","dateModified":"2026-01-12T17:30:34+00:00","author":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/e760383087e27b1a34dab6888c00fe20"},"description":"Learn how adopting a continuous improvement mindset and automation is helping us transform how we approach device patch management at Microsoft.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#primaryimage","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg","contentUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg","width":2300,"height":1293,"caption":"We\u2019re continuously improving and automating our approach to patch management to ensure our network and devices are as secure as possible."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/transforming-our-approach-to-patch-management-at-microsoft\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/insidetrack\/blog\/"},{"@type":"ListItem","position":2,"name":"Transforming our approach to patch management at Microsoft"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/","name":"Inside Track Blog","description":"How Microsoft does IT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/e760383087e27b1a34dab6888c00fe20","name":"David Hirning","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/a9c9517e077d0a2cab05c61c242f45fe43c4347fe57ab87cb88ce6ec843c3854?s=96&d=mm&r=gc7c1a3ec3eb99a661ac29f1f96fa7024","url":"https:\/\/secure.gravatar.com\/avatar\/a9c9517e077d0a2cab05c61c242f45fe43c4347fe57ab87cb88ce6ec843c3854?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a9c9517e077d0a2cab05c61c242f45fe43c4347fe57ab87cb88ce6ec843c3854?s=96&d=mm&r=g","caption":"David Hirning"},"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/dhirning\/"}]}},"jetpack_featured_media_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/05\/10710_hero_image.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9hcZA-4YK","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/19142","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/comments?post=19142"}],"version-history":[{"count":24,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/19142\/revisions"}],"predecessor-version":[{"id":21785,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/19142\/revisions\/21785"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media\/19144"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media?parent=19142"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/categories?post=19142"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/tags?post=19142"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/coauthors?post=19142"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}