Windows 10 Quality Updates (Preview)

Windows 10 Quality Updates (Preview)

With Windows 10 quality updates policy, you can expedite the install of the most recent Windows 10 security updates as quickly as possible on devices you manage with Microsoft Intune. Deployment of expedited updates is done without the need to pause or edit your existing monthly servicing policies. For example, you might expedite a specific update to mitigate a security threat when your normal update process wouldn’t deploy the update for some time.

With expedited updates, you can speed installation of quality updates like the most recent patch Tuesday release or an out-of-band security update for a zero-day flaw.

To speed installation, expedite updates uses available services, like WNS and push notification channels, to deliver the message to devices that there’s an expedited update to install. This process enables devices to start the download and install of an expedited update as soon as possible, without having to wait for the device to check in for updates.

The actual time that a device starts to update depends on the device being online, its scan timing, whether communication channels to the device are functioning, and other factors like cloud-processing time.

  • For each expedite update policy you select a single update to deploy based on its release date. By using the release date, you don’t have to create separate policies to deploy different instances of that update to devices that have different versions of Windows 10, like 1809, 1909, and so on.
  • Windows Update evaluates the build and architecture of each device, and then delivers the version of the update that applies.
  • Only devices that need the update receive the expedited update:
    • Windows Update doesn’t try to expedite the update for devices that already have a revision that’s equal to or greater than the update version.
    • For devices with a lower build version than the update, Windows Update confirms that the device still requires the update before installing it.
    • When a restart is required to complete installation of the update, the policy helps to manage the restart. In the policy, you can configure a period that users have to restart a device before the policy forces an automatic restart. Users can also choose to schedule the restart or let the device try to find the best time outside of the devices Active Hours. Before reaching the restart deadline, the device displays notifications to alert device users about the deadline and includes options to schedule the restart.

The following are requirements to qualify for installing expedited quality updates with Intune:

Licensing:

In addition to a license for Intune, your organization must have one of the following subscriptions:

  • Windows 10 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5)
  • Windows 10 Education A3 or A5 (included in Microsoft 365 A3 or A5)
  • Windows Virtual Desktop Access E3 or E5

Supported Windows 10 versions:

  • Windows 10 versions that remain in support for Servicing, on x86 or x64 architecture

Supported Windows 10 editions:

  • Professional
  • Enterprise
  • Pro Education
  • Education
  1. Sign in to the Microsoft Endpoint Manager admin center.
  2. Select Devices > Windows > Windows 10 quality updates (preview) > Create profile.
  1. In Settings, enter the following properties to identify this profile:
    • Name: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later.
    • Description: Enter a description for the profile. This setting is optional but recommended.

In Settings, configure Expedite installation of quality updates if device OS version less than. Select the update that you want to expedite from the drop-down list. The list includes only the updates you can expedite.

When selecting an update:

  • Updates are identified by their release date, and you can select only one update per policy.
  • Updates that include the letter B in their name identify updates that released as part of a patch Tuesday event. The letter B identifies that the update released on the second Tuesday of the month.
  • Security updates for Windows 10 that release out of band from a patch Tuesday can be expedited. Instead of the letter B, out-of-band patch releases have different identifiers.
  • When the update deploys, Windows Update ensures that each device that receives the policy installs a version of the update that applies to that devices architecture and its current Windows version, like version 1809, 2004, and so on.

A setting of 1 day or 2 days provides device users flexibility to manage a restart before it’s forced. These settings correspond to an automatic restart delay of 24 or 48 hours after the update installs on the device.

Select the respective Groups and continue.

Finally, you can check the reports and monitoring about these updates.

his report shows the current state of all devices in the profile and provides an overview of how many devices are in progress of installing an update, have completed the installation, or have an error.

  1. Sign in to the Microsoft Endpoint Manager admin center.
  2. Select Reports > Windows updates. On the Summary tab you can view the Windows Expedited Quality updates table.
  3. To drill in for more information, select the Reports tab, and then Windows Expedited Updates Report.
  4. Click the link Select an expedited update profile.
  5. From the list of profiles that is shown on the right side of the page, select a profile to see results.
  6. Select the Generate report button.

without more for the moment I say goodbye sending a big greeting to all my readers, we are with new posts.

Tabla de contenidos

Categorías

Categorías