Help CenterEffortlessly manage and enhance the security of your computing devices through Atera's comprehensive patch management system. This solution empowers users to effortlessly review, update, and maintain their installed packages, ensuring optimal system performance and security. To acquire guidance on the installation of patches, please refer to our informative articles dedicated to Windows, Mac, and Linux patching procedures.
Patch Management for Windows
Atera empowers you to install and oversee patches on Windows devices, automate update installations, and exercise control over patch approval and exclusion for your devices.
How it works?
Atera leverages the Windows Update Agent (WUA) API to interface with Windows Update and identify available updates. Consequently, patches within Atera are updated approximately every hour. Subsequently, technicians may opt for manual or automatic patch installation.
Atera's Patch Management centralizes control over all patches, offering particular significance in server environments. It is prudent to initially conduct update testing in a staging environment before promoting updates to production. Note that Atera and local device views may differ due to the use of the WUA API. Configuration policies allow users to deactivate built-in Windows updates.
Updates through the WUA API are closely monitored and managed by Microsoft, potentially resulting in updates being released at different intervals than their standard schedule. While certain updates may not appear immediately, they will eventually be accessible via Atera.
Prerequisites
In order for Patch Management to function on Windows, the Windows Update service must be enabled in the Service Manager. Please be aware that in Windows 7, even if the "Never check for Updates" option is selected, Atera will still perform patch checks and installations.
How Do I Install Patches Manually?
For manual patch installation on a device, Atera presents a list of available patches from which technicians can select. Detailed instructions for installing Windows updates on your devices can be found in our article.
Relationship with Windows Server Update Services (WSUS)
Atera operates independently from WSUS. Therefore, the Windows update service can be configured for automatic operation. If WSUS runs prior to the IT Automation Profile, updates will be installed based on predefined settings. Conversely, if the IT Automation profile executes before WSUS, updates will be installed first.
Patch Management for Mac
Atera provides you with the capability to install and manage patches on Mac devices, and automate the installation of updates.
How it works?
Atera utilizes the native Mac OS software update tool to install and manage patches on Mac devices. The patch management module within Atera displays available macOS installers, categorized as 'Upgrades,' and recommended Mac updates designated by Apple as recommended. The content available in Atera should mirror the output of the following command:
softwareupdate -l -r
Manual Patch Installation
To manually install patches on a device, Atera provides a list of available patches, allowing technicians to select the desired updates. Detailed instructions for installing Mac updates on your devices are available in our article.
Patch Management for Linux
Atera utilizes the APT (Advanced Package Tool) for Linux agents to retrieve and install OS updates on Linux devices. Presently, our Linux patch management tool supports Ubuntu 18 and Debian 11 (and above) distributions. APT comes pre-installed on Debian and Ubuntu distributions and Atera is compatible with all APT versions. You can ascertain the installed version of APT on your devices using the following command:
apt-show-versions
Manual Patch Installation
For manual patch installation on Linux devices, Atera presents a list of available patches, enabling technicians to select the desired updates. Detailed instructions for installing Linux updates on your devices can be found in our articles.
FAQ
-
Automated Patch Installation: To automate patch installation, technicians must establish an IT automation profile. Refer to our documentation for comprehensive instructions. Please note that automated patch installation for Linux devices is not currently supported.
-
Offline Agents during Scheduled IT Automation: Users can set the "Run on (offline) Agents" period for IT Automation tasks, with options including one hour, one day, one week, two weeks, or one month. Agents that come online within the defined time frame will receive and execute the profile. This option is enabled by going to Admin > Patch Management and IT Automation, at the bottom of the page, the option Run on offline agents will be present.
-
IT Automation Task Feedback: Technicians and end-users can access feedback, including installation success and failure details, for IT Automation profiles in the Patch & Automation Feedback report. This report can be received via email or accessed directly in the user interface.
-
Handling of Offline Agents: Technicians have the ability to specify the "Run on Agents" time period within the IT Automation Profile. If an agent becomes online during the defined time frame, tasks and patches will be executed, and the report will be updated accordingly.
-
Reboot Functionality: When the "Reboot if needed" option is selected within the IT Automation Profile, Atera will initiate a system reboot if necessary following the installation of all patches currently present.
-
EULA Handling: Atera will automatically accept End-User License Agreements (EULA) as required.
Julian Kudo