Category
stayInformed
Severity
normal
Major change
False
Last modified
2025-11-12 18:01:40
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
—
Action by (AI)
—
Services
Windows
Tags
Admin impact
Master tags
Security
Roadmap IDs
One-line summary
Windows Autopatch will be available for US government organizations in Microsoft 365 Government starting November 2025, enabling automated update management for GCC devices.
Similar updates
More like thisMC1046878 (Updated) Hotpatch for Windows client now available
MC1107364 Hotpatching now enabled by default for new Windows quality update policies
MC1126054 Upgrade to Windows 11 with Windows Autopatch groups
MC999973 Reminder: Hotpatch eligibility and prerequisites
MC1106737 Get started with June 2025 improvements in Windows 11
MC1068760 Resources to get started with hotpatch updates for Windows 11, version 24H2
Details
Body (from Message Center)
The power of automated Windows update management is coming to government SKUs. This cloud-based service has now been approved to be added to the Azure FedRAMP High Provisional Authorization to Operate. If you manage Government Community Cloud (GCC) devices, this service became part of Microsoft 365 Government this month.
When will this happen:
Windows Autopatch is available to US government organizations starting November 2025.
How this will affect your organization:
This is what Windows Autopatch allows you to accomplish for your GCC devices:
- Control over which content is approved for deployment to which devices
- Automation of a safe rollout process
- Faster security with hotpatching
- Pausing or expediting monthly quality updates or drivers
- Simplified update compliance reporting
- Policy management and reporting through the Microsoft Intune admin center
What you need to do to prepare:
Review additional information for prerequisites and complete details. Here’s one way to get started:
- Go to the Microsoft Intune admin center.
- In the left pane, select Tenant administration and then navigate to Windows Autopatch > Autopatch groups.
- Create a Windows Autopatch group and assign devices, automating a few things:
- Distribute devices for gradual rollout into a set of Microsoft Entra groups.
- Configure a safe rollout schedule using update rings.
- (Optional) Configure content approval using feature and driver update policies.
- (Optional) Configure update settings for Microsoft 365 Apps and Microsoft Edge.
- Enroll devices to receive hotpatch updates, getting them secure faster.
- That’s it! Just monitor the reports to ensure that you’re hitting your update compliance targets.
Additional information:
- Read the announcement at Windows Autopatch for the US government: How to get started.
- Double-check that your devices meet the prerequisites for Windows Autopatch.
- Configure role-based access control to manage access to your organization’s resources.
- Configure your network.
Raw JSON (for debugging)
Expand/collapse the full payload below.
Show/hide raw
{
"snapshot_item": {
"action_required_by": null,
"ai_action_required_by": null,
"ai_actions": [
"Review prerequisites for Windows Autopatch",
"Create and assign Autopatch groups in Intune",
"Configure update policies and schedules",
"Enroll devices for hotpatch updates",
"Monitor update compliance reports",
"Set up role-based access control",
"Configure network for Autopatch"
],
"ai_master_tags": [
"Security"
],
"ai_model": "gpt-4.1",
"ai_summary": "Windows Autopatch will be available for US government organizations in Microsoft 365 Government starting November 2025, enabling automated update management for GCC devices.",
"ai_topics": [
"Windows",
"Microsoft 365",
"Intune",
"Entra"
],
"category": "stayInformed",
"details_map": {},
"id": "MC1185309",
"importance": 0,
"is_major_change": false,
"last_modified": "2025-11-12T18:01:40Z",
"ms_products": [
"Windows"
],
"platforms": null,
"roadmap_ids": [],
"services": [
"Windows"
],
"severity": "normal",
"tags": [
"Admin impact"
],
"title": "Windows Autopatch for the US government: How to get started"
}
}