Deploying Software Updates

Table of Contents

After you deploy software updates or when an automatic deployment rule (ADR) runs and deploys software updates, a deployment assignment policy is added to the machine policy for the site. The software updates are downloaded from the download location to the package source. The software updates are copied from the package source to the content library on the site server, and then copied to the content library on the distribution point.

When a client computer in the target collection for the deployment receives the machine policy, the Software Update Client Agent starts an evaluation scan. The client agent downloads the content for required software updates from a distribution point to the local client cache at the Software available time setting for the deployment and then the software updates are available to install. The software updates in optional deployments (deployments that do not have an installation deadline) are not downloaded until a user manually starts the installation.

When the configured deadline passes, the Software Updates Client Agent performs a scan to verify that the software updates are still required. Then it checks the local cache on the client computer to verify that the software update source files are still available. Finally, the client installs the software updates. If the content was deleted from the client cache to make room for another deployment, the client re-downloads the software updates from the distribution point to the client cache. Software updates are always downloaded to the client cache regardless of the configured maximum client cache size. When the installation is complete, the client agent verifies that the software updates are no longer required, and then sends a state message to the management point to indicate that the software updates are now installed on the client.

Required System Restart

By default, when software updates from a required deployment are installed on a client computer and a system restart is required for the installation to finish, the system is restarted. For software updates that were installed before the deadline, the automatic system restart is postponed until the deadline, unless the computer is restarted before that deadline for some other reason.

Deployment Re-evaluation Cycle

Client computers start a software update deployment re-evaluation cycle once a day. During this evaluation cycle, the client computer scans for software updates that were previously deployed and installed. If any software updates are missing, the software updates are reinstalled from the local cache. If a software update is no longer available in the local cache, it is downloaded from a distribution point and then installed.

Update Notifications

If you want to change notifications so that clients do not receive them when monthly patches are released, you can do the following:

From the Configuration Manager console, select Monitoring and then Deployments. Look for the specific deployment you want to change notifications for. You may want to sort by purpose to view all required deployments.

For example, right click on "Windows 10 All - Required" with a purpose of required and click on Properties. Click on the User Experience tab. From the drop-down list, select Hide in Software Center and all notifications. Then click OK.
Repeat the process for each deployment you want to hide notifications for. For example, you might want to repeat this process with "Microsoft 365 Apps and Office LTSC - Required".



Related Information