Microsoft Releases New APIs For Managing Windows Update

New Microsoft Graph APIs released today in public preview allow developers and IT professionals to manage Windows 10 updates and expedite Windows 10 security updates in enterprise environments.

Microsoft Graph is an API platform that helps developers create apps capable of accessing Microsoft 365, Windows 10, and Enterprise Mobility + Security data.

Access to deployment service update management capabilities

“By connecting deployment service capabilities with Microsoft Graph, app developers can easily build rich update management tools and extend these experiences with contextual user data (such as leveraging a user’s calendar data when scheduling an update),” Microsoft Principal Program Manager David Mebane explained.

The deployment service Mebane refers to is the Windows Update for Business deployment service, a cloud service announced by Microsoft in March and providing control over the approval, scheduling, monitoring, and safeguarding of Windows Update controls.

With its release, Microsoft has expanded Windows Update device management features available to IT pros, making it possible to:• Schedule update deployments to begin on a specific date (ex: deploy 20H2 to these devices on March 14, 2021)
• Stage deployments over a period of days or weeks using rich expressions (ex: deploy 20H2 to 500 devices per day, beginning on March 14, 2021)
• Bypass pre-configured Windows Update for Business policies to immediately deploy a security update across your organization when emergencies arise
• Ensure coverage of hardware and software in your organization through deployments that are tailored to your unique device population through automatic piloting
• Leverage Microsoft ML to automatically identify and pause deployments to devices that are likely to be impacted by a safeguard hold
• Manage driver and firmware updates just like feature updates and quality updates

Also Read: By Attending This Event You Agree To Be Photographed

The Microsoft Graph API released today in public preview further extend these fine-grained controls, allowing customers to interact with the deployment service via apps that can help them:

• Approve and schedule specific feature updates to be delivered from Windows Update on a specific date – including skipping or not taking feature updates.
• Stage deployments over a period of days or weeks using rich expressions (ex: deploy 20H2 to 500 devices per day, beginning on May 11, 2021)
• Bypass pre-configured Windows Update for Business policies to immediately deploy a security update across your organization.
• Deliver safer update results by leveraging automatic pilots for any deployment.

Available starting today

Customers with supported Windows or Microsoft 365 subscriptions can access the deployment services through the new APIs starting today.

To start using the new Microsoft Graph APIs today, you need one of the following subscriptions: 

• Windows 10 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5)
• Windows 10 Education A3 or A5 (included in Microsoft 365 A3 or A5)
• Windows Virtual Desktop Access E3 or E5
• Microsoft 365 Business Premium

Also Read: What Legislation Exists in Singapore Regarding Data Protection and Security?

Devices compatible with the deployment service must be Azure AD joined or Hybrid AD joined, and run Pro, Enterprise, Education, or Pro Education editions of Windows 10, version 1709 or later.

Further information on enrolling devices for management, managing feature updates, and expediting security updates is available here.