Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Azure Now Installs Security Updates On Windows VMs Automatically

Azure Now Installs Security Updates On Windows VMs Automatically

Microsoft has announced a new Azure capability known as automatic VM guest patching and designed to automatically apply patch Windows virtual machines against newly discovered vulnerabilities.

The new feature is now in Public Preview for Windows virtual machines on Azure and it is designed to help admins maintain their environments’ security compliance by having Azure Virtual Machines (VM) automatically patched.

On VMs where it is enabled, patches will be installed within 30 days of the monthly Windows Update release, but only during off-peak hours.

At the moment, while in Public Preview, automatic VM guest patching comes with the following characteristics:• Patches classified as Critical or Security are automatically downloaded and applied on the VM.
• Patches are applied during off-peak hours in the VM’s time zone.
• Patch orchestration is managed by Azure and patches are applied following availability-first principles.
• Virtual machine health, as determined through platform health signals, is monitored to detect patching failures.
• Works for all VM sizes.

On-demand patch assessments also available

“With automatic VM guest patching enabled, the VM is assessed periodically to determine the applicable patches for that VM,” Microsoft explains.

“Updates classified as ‘Critical’ or ‘Security’ are automatically downloaded and applied on the VM during off-peak hours. Patch orchestration is managed by Azure and patches are applied following availability-first principles.”

While Azure will perform periodic patch assessments for VMs where automatic VM guest patching is enabled, admins can also trigger on-demand patch assessments at any time, for any of their VMs.

“Patch assessment can take a few minutes to complete and the status of the latest assessment is updated on the VM’s instance view,” Microsoft adds.

Also read: Website Ownership Laws: Your Rights And What It Protects

How to enable automatic VM guest patching

“To enable automatic VM guest patching, ensure that the property osProfile.windowsConfiguration.enableAutomaticUpdates is set to true in the VM template definition. This property can only be set when creating the VM,” Microsoft says.

After being enabled on a virtual machine, the Azure platform automatically installs a Microsoft.CPlat.Core.WindowsPatchExtension extension, with the enablement to take as long as three hours during off-peak hours.

While in Public Preview, automatic VM guest patching only supports VMs created using a very short list of OS platform images — with more to be added periodically — including these Windows Server SKUs: 2012-R2-Datacenter, 2016-Datacenter, 2016-Datacenter-Server-Core, 2019-Datacenter, 2019-Datacenter-Server-Core.

For this feature to work on a virtual machine, the VMs are required to have the Azure VM Agent installed, the Windows Update service running, must be able to access Windows Update endpoints, and must use Compute API version 2020-06-01 or higher.

Until the feature starts rolling out, an opt-in procedure is needed to use it while in public preview.

The preview version is not recommended for use in production environments seeing that some of its features might come with constrained capabilities or might not be currently supported.

Also read: 5 Self Assessment Tools To Find The Right Professional Fit



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us