Windows update compliance. A valid Azure subscription is required for this. 

Windows update compliance. Intune supports the following report options: Reports .


Windows update compliance. Currently, Update Compliance works only with Oct 1, 2024 · Compliance Settings Some time ago, Microsoft added the "Valid operating system builds" option in the device properties section of compliance policies. Operating System - Version Compliance by Collection standalone report is used to monitor Feature Update or Windows Version Compliance. 2) Automating Intune Reports - Email Subscription for Intune Patching Compliance Dashboard and Reports Hi, I need some info about automated reports and what to find out if what I want below id possible to setup with SCCM. Jan 17, 2024 · Hello Everyone, We are pushing software updates, Windows Patches and O365 updates to all workstations and servers. However, I have been getting many questions about how to view more detailed or specific information in Update Compliance. Module5. And if you don’t already have it, Download Power BI Desktop from Official Microsoft Sep 14, 2025 · Update Manager is a unified service to help manage and govern updates for all your machines (running a server operating system). Jun 23, 2025 · A Windows update report, the Windows 10 and later feature updates report provides an overall view of compliance for devices that are targeted with a Feature updates for Windows 10 and later policy. Dec 15, 2016 · Conclusion The new Software Updates dashboard is a really nice addition but as the other dashboards, it still lacks major features to rely on for your overall compliance. Apr 28, 2025 · Use custom compliance in Intune to check services, registry keys, and files. Feb 2, 2021 · New queries in Update Compliance provide greater insight for IT when safeguard holds are placed on Windows endpoints. - sappkevin Windows Update for Business Reports | wufb reports | Update Compliance v2 (M- 6. How do you monitor your software update compliance ? May 30, 2017 · Russell Smith shows you how to configure Operations Management Suite's Update Compliance to monitor Windows updates. It returns back useful information about the status of updates, delivery optimization, Windows Defender, and more. We are using a single SCCM Server 2012 R2 with Configuration Manager v2309. It helps to identify outdated OS installations and to close any resulting security gaps. Use the following sections to monitor software updates. microsoft. A valid Azure subscription is required for this. May 25, 2020 · Column: "Last Rollup Status") The report will all updates no matter if deployed as "available" or "required". as patches are released, generate a list of machines which need said patch) Basically, just some . Dec 17, 2020 · Windows Update for Business is great but if you find it doesn't provide quite enough information, Update Compliance is the solution. Dec 21, 2023 · This topic describes how to use the Windows Update Compliance Template v2 and describes the main rules and sub-rules of the policy. The Windows Update for Business reports data that populates these charts refreshes May 12, 2025 · Windows Update client policies (formerly known as Windows Update for Business policies) let you configure deferral policies for Windows 10 or later feature updates or quality updates for Windows 10 or later devices. We still suggest to use built-in reports or our Software Updates reports to monitor your compliance. May 14, 2025 · Windows Update Compliance Dashboard V8. Understanding Windows Update Policies in Intune Microsoft Intune allows you to create Mar 24, 2025 · Learn how to Windows Update for Business Rings to meet maturity level 3 for the Essential Eight. See trends, issues, feature updates, delivery optimization, Windows 11 readiness, and third-party application information. Microsoft also waives Azure Log Analytics ingestion and retention charges as part of the solution. That, however, is a manual action. Mar 4, 2025 · With Intune, you can deploy updates to Windows 10/11 devices by using policies for: Update rings for Windows Feature updates for Windows Windows Driver updates for Windows Reports for these policy types are available to help you monitor and troubleshoot update deployments. graph Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant. Check for compliance on the minimum and maximum operating system, set password restrictions and length, check for partner anti-virus (AV) solutions, enable encryption on data storage, and more. It collects data for update deployment progress, Windows Update for Business configuration data, and Delivery Optimization usage data. It ensures that devices meet the required compliance standards by creating, updating, or deleting policies as necessary based on the latest OS Nov 13, 2023 · Now you’re ready to use alert data as concrete advice to reach your compliance and Windows 11 migration goals! Get started with Power BI and Windows Update for Business reports To take advantage of these powerful customizations, check that you meet the Prerequisites for Windows Update for Business reports. This API is available in the following national cloud deployments. In environments that use Corporate/Guest user management features, a Corporate/Guest Control policy must identify corporate endpoints. If a Windows update setting has a Windows version dependency, the version dependency is noted in the settings details. This is a fresh SCCM installation. Oct 12, 2022 · Windows Update for Business reports will be generally available in early November as a rebrand of Update Compliance. In fact, devices that are configured using the Update Baseline reach, on average, a compliance rate between 80-90% within 28 days. Jul 15, 2024 · Use this script and associated tools to set device policies, test endpoint connectivity, and ensure the right services are running to send diagnostic data to Microsoft for use by the Azure marketplace offering Update Compliance. All of the Windows Analytics features sit on Log Analytic from Azure. 1. It ingests Windows client diagnostic data to report on missing patches and outstanding feature updates. Includes scripts, JSON, and setup tips. Nov 16, 2020 · Update Compliance provides administrators with essential information about the status of Windows 10 PCs. The tab contains a high-level overview of update compliance for Windows clients in your environment. Jul 16, 2024 · This post shows you how to enable the Allow Update Compliance Processing setting in Windows 11/10 using Group Policy or Registry Editor. Mar 18, 2025 · This article contains information on how to enforce compliance deadlines using Windows Update client policies. Windows Update for Business reports uses Azure Workbooks to give you a visual representation of your compliance data. We are also using PKI Certs on all Sep 28, 2020 · Update Compliance information piggybacks on Windows 10 telemetry and Windows 10 telemetry works to the beat of its own drummer. Part of Windows Analytics, it lived through the years. You can monitor Windows and Linux update compliance across your machines in Azure, and on-premises or other cloud environments (connected by Azure Arc) from a single pane of management. Aug 31, 2020 · Update Compliance is a free Azure service that allows you to monitor Windows 10 update rollouts based on what WUfB is hearing from the Windows telemetry being sent by your devices. Within a device compliance policy, it was already possible to specify a specific Windows version. Previously it was possible to host the data in OMS. Jun 27, 2025 · Note: Depending on your Windows Update for Business (WUfB) policies, it’s possible Microsoft updates can still apply from WUfB even if results show unknown in the ConfigMgr console. Most importantly, learn about the Windows update distribution report and Windows Update for Business (WUfB) reports. Sep 4, 2024 · Keeping Windows devices up-to-date is crucial for security, performance, and compliance. Update Compliance contains some useful data and I know the team are working on additional improvements. The unique feature of this solution versus alternatives from Microsoft, is that it’s free and that it can be used with any Windows patch management deployment solution. Apr 18, 2025 · By minimizing the need to restart, these updates help ensure faster compliance, making it easier for organizations to maintain security while keeping workflows uninterrupted. Jul 21, 2021 · These devices are actively managed by IT administrators using on-premise infrastructure that is typically based on Windows Server Update Services (WSUS), but update policies are not configured with Microsoft’s best practices for a “cloud cadence” mindset. This new option can be used to speficy the compliant builds for each version of Windows seperately (e. Microsoft recommends that customers using Intune should onboard devices to Windows Update for Business reports (formerly named “Azure Update Compliance”) to monitor Windows Updates and patch compliance. Dec 6, 2018 · I was wondering if anyone has any alternative reports to the built-in SCCM ones which show: Compliance percentage of released MS Updates against machines in the estate List of machines which do not have a particular update (prompt for the KB number) A list of machines which need attention (e. Nov 17, 2022 · Update Compliance was the predecessor to WUfB reports. Oct 3, 2022 · Applies to: Configuration Manager (current branch) Configuration Manager provides many ways to help you to monitor software updates objects, processes, and compliance information. Navigate to Reports > Windows updates, then select the Reports tab, and select Windows Expedited update report. It includes scheduling monthly updates, applying them to virtual machines, and using Kusto Query Language (KQL) for compliance tracking. The Insufficient Update Connectivity alert is also available in the Summary report in Intune. Dec 8, 2021 · Update Compliance uses Windows client diagnostic data for all of its reporting. May 6, 2022 · Before software update compliance assessment data is displayed in the Configuration Manager console and before software updates can be deployed to client computers, you must install and configure a software update point. Dec 21, 2023 · This topic describes how to configure the Windows Update Compliance Template v2. Today's post outlines cloud-based Windows 10 update monitoring and reporting solutions available to you through Microsoft Intune and Update Compliance. Feb 26, 2024 · Deprecation of Microsoft Support Diagnostic Tool (MSDT) and MSDT Troubleshooters - Microsoft Support What can I do to increase my update compliance percentage? This is an non exhaustive list of actions which can help to positively impact software update compliance: As mentioned before do not leave a system too long in a pending reboot state. It also gives you a report of the device and updates issues related to compliance that need attention. There's also patch compliance reporting in SCCM, but that seems to take days before it updates and shows results. Basically it is the "Compliance 1 - Jun 27, 2025 · Visualize update compliance for Microsoft and third-party apps with our free Power BI reporteasy setup, powerful insights. Apr 15, 2025 · The Windows Update for Business report feature allows IT to log client update data closely. After moving the Windows Update workload to Intune, the client settings in Configuration Manager need to be adjusted manually. A web-based dashboard for monitoring and managing Windows Server Update Services (WSUS) patch compliance across your organization. This assumes you have WinRM opened up on your computers. Jan 29, 2024 · Windows Update for Business reports presents information commonly needed by updates administrators in an easy-to-use format. Impress your team by accessing valuable information Report features : 5 comprehensives pie charts List compliance percentage per machines Mar 3, 2025 · When you use Intune policies for Update rings, you're configuring the Windows settings that manage how and when devices will install Windows updates. Built with React, Express, and PowerShell integration. More specifically, this week is focused on making sure that Windows devices can only be compliant when running the latest cumulative update. Windows 10 21H2, Windows 10 22H2, Windows 11 23H2): Valid operating system builds in a compliance policy This is a powerful method of Jul 30, 2021 · Log Analytics & Update Compliance – Building A Windows Update Dashboard! Maurice Daly Sandy Zeng Jan Ketil Skanke 2021-07-30 3 comments Mar 10, 2022 · Monitoring Windows Updates Using Update Compliance March 10, 2022 by Andrew Taylor If you use policies to update your Windows 10/11 devices, there are reports for them! Get a summary of update success, in-progress updates, device update status, and failure alerts along with remediation recommendations. That drummer is the Windows DiagTrack process. I've seen a few setup guides floating around here on setting up Log Analytics Workspaces so we can get a deeper report on Windows Updates compliance. Apr 10, 2019 · Update Compliance is pretty good out of the box. Sep 30, 2025 · This set of tools allows enterprise security administrators to download, analyze, test, edit and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products, while comparing them against other security configurations. Learn how to enable and work with these reports. Our Windows Update Compliance (Community Edition) workbook does just this, and it is now available on our GitHub repo! Log Analytics […] Nov 15, 2022 · Achieve your Windows update monitoring and compliance goals with the new Windows Update for Business reports experience. Microsoft Intune provides a comprehensive solution for managing Windows Updates across your organization’s devices. Apr 27, 2022 · In this post, we'll cover how to Fix Azure Update Compliance missing devices. Dec 8, 2021 · Update Compliance is found in the Azure portal. The report consists of multiple KPIs to indicate the update compliance or update/client health state and should give you an overview from different viewpoints to help identify problematic systems or a flaw in your patch strategy. For vulnerability detection and remediation, endpoints must be manageable using Feb 26, 2024 · Deprecation of Microsoft Support Diagnostic Tool (MSDT) and MSDT Troubleshooters - Microsoft Support What can I do to increase my update compliance percentage? This is an non exhaustive list of actions which can help to positively impact software update compliance: As mentioned before do not leave a system too long in a pending reboot state. Update the properties of a windows10CompliancePolicy object. Hotpatch is an extension of Windows Update and requires Autopatch to create and deploy hotpatches to devices enrolled in the Autopatch quality update policy. 📚 Track Windows Update Compliance | Windows Update Compliance status | Microsoft Intune PowerShell Detection scripts for update ring | Intune update ring Proactive Remediation Check 👉In this The Update Baseline includes Windows Update policies as well as power and Delivery Optimization policies—all designed to streamline the update process, improve patch compliance, and help ensure your devices stay secure. I have setup a subscription for automated reports to be mailed out for a group of users every week for my Windows update compliance status. Configuring Compliance Policies To enforce a compliance policy using the Group Policy Administrative Console, go to Computer Configuration > Administrative Templates > Windows Components > Windows Update > Manage end user experience and choose “Specify deadlines for automatic updates and restarts. If devices show as “succeeded” but still have vulnerabilities, ensure that the correct updates are included in the ring criteria. Use a dashboard in the console to view information about the software update health status of clients in your environment. ” Nov 26, 2021 · If you are looking for a dashboard that will show a full breakdown of Windows patching across your estate, including errors, safehold issues, delivery optimization figures, and Windows 11 readiness, then look no further. Display all your Software Update compliance in a single view Manage and monitor your software updates compliance like a pro! Quickly identify which device needs a specific software update and patch machine that are vulnerable. The tab displays two charts Windows update status and End of service. This solution included: Azure subscription with Log Analytics Workspace > you can still reuse these, but I would create a new Log Analytics Workspace for the future Azure Marketplace "Update Compliance" solution on top of the Log Analytics Workspace, that provided a commercial ID > not needed anymore Intune OMA-URI, custom configuration May 8, 2024 · The Windows tab in the Software updates page in the Microsoft admin center is populated by data from Windows Update for Business reports. Previously we would have done this through WSUS and had a look at the console, we can still view similar data with WUfB however we have to take care of a few things to set up Update Compliance. Commercial cloud-managed or self-managed with update process transformation. This article will guide you through the steps to effectively manage Windows Updates using Intune. Oct 29, 2024 · Managing compliance and Windows updates across an organization’s devices can be a daunting task. You must have enrolled to Windows Update for Business (WUfB) reports by February 14th to continue receiving reports. Step 2: Force Windows Update Compliance Jun 19, 2025 · This project demonstrates how to implement automated patch deployment and compliance reporting using Azure Update Management. Mar 21, 2022 · This week is focused on the update status of Windows devices. We'll go through what it is and how to set it up. That Update Compliance Workbook enables the IT administrator to get a quick view on the most important details. Jun 17, 2024 · My company supports around 2000 Windows 10/11 desktops and 80 Windows Servers 2012 R2, 2016, and 2019. Mar 3, 2025 · Overview of Microsoft Intune device compliance, including tenant-wide compliance policy settings and device compliance policies. 0? May 26, 2022 · If you're using Windows Update for Business in Microsoft Endpoint Manager you're probably also using Microsoft's Update Compliance solution for reporting. This will be particularly useful when mixed with Windows Update for Business. Jan 31, 2023 · Update Compliance is retiring on March 31st, 2023. However, all Software Updates are reporting at 0% compliance and all devices are reporting as unknown. Does anyone know if Windows Update for Business reports work with the MSEndpointMgr Windows Update Compliance Dashboard V8. Sep 14, 2022 · A KQL driven workbook that helps you visualize Microsoft Update Compliance data. We are utilizing the Software Update Point with WSUS and deploying updates to collections using Software update groups and deployment packages. This PowerShell script automates the management of compliance policies and update rings for Windows 10 and Windows 11 devices using Microsoft Graph API. Jun 24, 2023 · How To Guide: Deploying Windows Update for Business Reports Overview Windows Update for Business reports provides detailed patch compliance information for your Windows endpoints. Jun 9, 2017 · We prefer to leverage DCM and baselines to verify each clients full compliance status (not only including update compliance, but also safety features like BitLocker, Windows Defender, and Credential Guard). g. This addition was the ‘Windows update distribution report’ which essentially details which Quality update your managed devices are currently on, allowing you to determine if your devices are meeting your update requirements and getting onto the latest May 31, 2019 · Update compliance provides a way to track how updates and upgrades are doing in the environment. However in this article we will focus on update compliance. Feb 26, 2025 · Windows 11 is HIPAA compliant inasmuch as the operating system has the security and administrative capabilities to support HIPAA compliance. This shift drives new and increasingly important requirements Nov 11, 2022 · The Windows Update Compliance is offered through the Azure portal and helps you monitor security, quality, and feature updates for Windows 10 or 11. Jan 26, 2021 · Windows Update is joining the Security Compliance Toolkit providing a centralized location for their baseline. Jan 30, 2022 · I'd recommend checking out our compliance deadline docs: https://docs. You can also use Update Manager to make real-time updates or schedule them within Apr 7, 2023 · Because Update Compliance was retired on March 31, 2023, the service was removed. The workbook is broken down into tab sections: Summary Quality updates Feature updates Delivery Jun 23, 2021 · Monitoring Update Compliance Now that we have our devices updating from Windows Update, we need a way to determine whether they are actually working or not. Jan 10, 2025 · Update Compliance is a feature that monitors and reports on the status of updates deployed to Windows 10 and Windows 11 devices. With the April 22nd service release of Intune Microsoft added an additional report to the Windows update reporting section within Intune. Third-party updates will never be applied if the update is in an Unknown state. Operating System - Windows 11 Readiness by Collection standalone report is used to check Windows 11 Upgrade Readiness. To support reporting, you must configure Data collection settings. Through Update Compliance you can: Monitor the quality update, security update and features updates for Windows 10 / Windows 11 You can view a report for device and update issues related to compliance. Update Compliance has been replaced by Windows Update for Business reports. Microsoft has included the license for this service by default with Windows 10 or Windows 11. com/en-us/windows/deployment/update/wufb-compliancedeadlines Grace period is the number of days from pending restart to forced update update. I've heard it being free for Updates Compliance but Microsofts documentation says that you have to pay for reporting. Before you can actually use Update Compliance to collect data and monitor Windows updates, you will need to deploy the commercial ID, to you MDM enrolled devices. Prerequisites Detected endpoints must already be categorized by the Primary Classification policy. While you can see the status of your expedited quality and Feature updates from the Intune portal, there’s no report Mar 3, 2025 · Use the app and driver compatibility reports for Windows devices before you deploy Intune policies for feature updates or update rings. May 13, 2022 · How to use Proactive Remediations and Log Analytics to ensure Windows Update Settings are Optimal and Compliant Feb 11, 2025 · Describes how to track a software updates compliance assessment so that you can deploy only the updates that are required on the clients. Sep 30, 2025 · Explanation and recommendations for update compliance, activity, and user experience for your organization. May 30, 2025 · This article provides information to help IT and compliance professionals understand the personal data policies as related to Windows. Aug 25, 2023 · As many enterprises are leaning towards cloud-driven technologies, Windows Update for Business (WUfB) integrated within Intune is gaining a lot of traction. 0 Back in July last year we released a community version of our Windows Jan 27, 2022 · A failure report filtered to the Insufficient Update Connectivity alert, which shows devices with Insufficient Update Connectivity. Oct 10, 2025 · Namespace: microsoft. Apr 22, 2025 · Windows updates for business often arrive with little fanfare but play a critical role in protecting your business from cybersecurity threats and ensuring compliance with evolving data protection regulations. The Update Compliance Workbook. It provides insights into the update experiences, including the success or failure of installations, the time taken for updates, and other important metrics. Mar 31, 2025 · Windows Update for Business reports is a cloud-based solution that provides information about your Microsoft Entra joined devices' compliance with Windows updates. Over the past year, organizations worldwide have seen a drastic shift to remote and hybrid workforces. To get high update compliance you need to have healthy devices. 6- Windows Update for Business Reports | Update Compliance v2 | HowToSetup • Windows Update for Business Reports | wufb Jul 31, 2024 · Under Devices > Windows > Update rings for Windows 10 and later, check the Device Status for each ring to confirm that devices are indeed receiving the updates. However, by leveraging the power of Microsoft Intune, Azure, PowerShell, and Graph API, you can significantly streamline this process. There seems to be only one caveat with it, and it’s the level of reporting available in Intune for Updates compliance. Sep 14, 2025 · This article explains how to use Azure Update Manager in the Azure portal to assess update compliance for supported machines. Besides that, adding that Update Compliance Workbook in the Microsoft Endpoint Manager admin… Mar 3, 2025 · See a list of all the settings you can use when setting compliance for your Windows, Windows Holographic, and Surface Hub devices in Microsoft Intune. Intune supports the following report options: Reports Jun 14, 2021 · This week is all about enhancing Update Compliance by using a custom Workbook within the Microsoft Endpoint Manager admin console. Mar 2, 2021 · During AMAs and Office Hours, we often receive questions about reporting. Just dropped a big one: my new blog on automating Windows update compliance policy's in Intune! 💻 Dive into GraphAPI, PowerShell, and Azure Runbooks to streamline your compliance policy's . vf 61t jsq7o gyt wls9sn oy 2in rwlxu ngb jz