Advanced Patch Policy - Package Targeting: Microsoft Security Updates

Advanced Patch Policy - Package Targeting: Microsoft Security Updates

When configuring an Advanced Patch Policy, you might notice an option to set the "Type" of Microsoft updates to "Critical Updates." While this seems like it would apply to Critical Windows Updates, it’s important to note that this setting doesn’t filter based on update severity.

Understanding "Critical Updates"

In Microsoft’s update classification, Critical Updates are defined as:
"A widely released fix for a specific problem that addresses a critical, non-security-related bug."

This means that selecting "Critical Updates" in your Advanced Patch Policy will not target security-related patches but instead focus on critical, non-security-related issues. For full details, review Microsoft's update type classifications.

 

Steps to Create a Policy for Critical Severity Updates

To apply updates with critical severity, follow these steps:

  1. Access Advanced Patch Policy Settings:
    • Navigate to your policy editor and select “Advanced Patch Policy.”
  2. Set Targeting Filters:
    • Add a targeting filter for "Patch Severity" and set it to "Critical."
    • Include any additional filters required for your use case.
  3. Validate Filters:
    • After creating the filter, use the "Preview Packages That Would Be Patched" option to ensure the correct updates are targeted.

2023-07-19_18-22-45.png

 

Additional Notes

  • Using severity-based filters ensures that only updates with the desired security impact are applied.
  • For troubleshooting, if updates aren’t applied as expected, double-check the filters and review the logs to confirm the policy execution.
Was this article helpful?
0 out of 0 found this helpful