Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies to: ✔️ Linux VMs ✔️ Windows VMs
By enabling automatic guest patching for your Azure Virtual Machines (VMs), you can automatically and securely patch your VMs to ensure they remain compliant with security standards."
Supported OS images
Automatic VM guest patching, on-demand patch assessment and on-demand patch installation are supported only on VMs created from images with the exact combination of publisher, offer and sku combinations listed in the supported OS images. Custom images or any other Publisher, Offer, SKU combinations aren't supported. The list of supported images is updated regularly.
If automatic VM guest patching is enabled on a VM, then the available Critical and Security patches are downloaded and applied automatically on the VM.
Note
Only x64 operating systems are currently supported. Neither ARM64 nor x86 are supported for any operating system.
Customized images
For VMs created from customized images even if the Patch orchestration mode is set to Azure Orchestrated/AutomaticByPlatform, automatic VM guest patching doesn't work. We recommend that you use scheduled patching to patch the machines by defining your own schedules or install updates on-demand.
Next steps
- Learn about the supported regions for Azure VMs and Arc-enabled servers.
- Learn on the Update sources, types managed by Azure Update Manager.
- Know more on supported OS and system requirements for machines managed by Azure Update Manager.
- Learn more on unsupported OS and Custom VM images.
- Learn more on how to configure Windows Update settings to work with Azure Update Manager.
- Learn about Extended Security Updates (ESU) using Azure Update Manager.
- Learn about security vulnerabilities and Ubuntu Pro support.