Help CenterAtera's patch management capabilities give you total administrative control over device patching. In addition to selecting the patch categories via an IT automation profile, you can also exclude patches you don't want to install.
Exclude OS and software patches
You can exclude OS patches that you don't want to install. You can select from critical, security, service packs, drivers and tools, and Mac OS updates. You can also exclude software patches that you don't want to install. Software patches are installed/excluded via our integrations with Chocolatey and Homebrew
To exclude patches:
1. From Admin (on the sidebar), click Patch Management and IT Automation.
The Patch Management and IT Automation page appears.
2. Click the relevant profile (or create a new one by clicking Add profile). The profile appears.
3. Click Manage (under Excluded OS Patches). The Select Patches window appears.
4. Select the patches you want to exclude. Then click Select.
Note:
- To avoid excluded patches from being installed, disable automatic Windows updates. If not disabled, Windows Update can still install excluded patches and override patch exclusion settings in Atera's IT automation profiles.
The profile appears.
5. Click Save.
The selected patches are now excluded in the automation profile (and will be excluded when assigned to and run on customers and agents).
Note:
- Remember to assign the profile to the relevant customers or agents
- You can also exclude OS patches from ALL automation profiles, in addition to excluding them from individual profiles.
Windows local updates are moving!
Important note: We've made some changes to the way Windows update settings are managed on end-user devices. Instead of managing them within IT automation profiles, you can now create a configuration policy for Windows automatic updates; to manage these settings for a specific device, folder, or customer. This gives you greater control and flexibility over when and how updates are installed, and ensures that the Windows local updates settings are enforced consistently across all relevant devices.
How will this affect my IT automation profiles?
When creating a new IT automation profile
The Windows Local Update section will no longer be visible when creating a new profile. Instead, you can manage these settings via Configuration Policies
When updating an existing IT automation profile
You may still see the Windows local updates section in legacy IT automation profiles (depending on your previous configuration).
- If 'Don't affect' was selected: The Windows local updates section will no longer be visible but the functionality remains the same. "Don't affect" simply means that no specific policy for Windows automatic updates is applied to the devices under that profile and the devices will adhere to their local policy for automatic updates. To manage Windows automatic updates entirely via Atera's IT automation profiles, create a configuration policy
- If 'Enable' or 'Disable' was selected: The Windows Local update section will still be visible and the relative functionality will continue to be applied to the devices under that profile. However, please note that the option to control Windows local updates within IT automation profiles will soon be deprecated. To avoid any potential issues we highly recommend you migrate these settings by creating a configuration policy to manage Windows automatic updates
Ensure the same Windows update behavior with configuration policies
To migrate your Windows automatic update settings from IT automation profiles to configuration policies, please follow the instructions in this article
Alina Anton