Microsoft has announced a new Azure feature known as automatic information VM visitors and is designed for the automatic implementation of virtual machines Windows against vulnerabilities recently discovered.
The new feature is now in public preview for Windows VMs on Azure and is designed to help administrators. In VMs, where they are enabled, patches will be installed within 30 days of the monthly version of Windows Update, but only during off-peak hours.
Currently, while you are in the public preview, the automatic VM visitor update comes with the following features:
• The updates code marked as Critical or Security are automatically downloaded and applied to the VM.
• Repairs are applied during off-peak hours in the VM time zone.
• The orchestration of updates is done by Azure and the fixes are applied according to the availability principles.
• Works for all VM sizes.
"With VM VM Automatic Update enabled, it is periodically evaluated to determine which patches have been applied," explains Microsoft.
While Azure will perform periodic code evaluations for VMs where automatic VM visitor updating is enabled, administrators can also enable custom updates at any time for any of their VMs.
"The patch evaluation may take a few minutes to complete and the status of the last evaluation is updated in the VM presence view," adds the Microsoft.
"To enable automatic VM visitor update, make sure the osProfile.windowsConfiguration.enableAutomaticUpdates property is set to true in the VM template definition. This property can only be defined when the VM is created. "
Once enabled on a virtual machine, the Azure platform automatically installs a Microsoft.CPlat.Core.WindowsPatchExtension extension, which can last up to three hours during off-peak hours.
While in the public preview, VM Automatic Update only supports VMs created using a very short list of OS platform images - with more being added periodically - including those Windows Server SKUs: 2012-R2-Datacenter, 2016-Datacenter, 2016 -Datacenter- Server-Core, 2019-Datacenter, 2019-Datacenter-Server-Core.
For this feature to work on a virtual machine, VMs must have Azure VM Agent installed, running Windows Update, must have access to Windows Update endpoints, and must use the Compute API version 2020-06- 01 or newer.
An entry process is required for you to use it during the public preview before the operation starts. The preview version is not recommended for use in production environments, as some of its features may be limited or may not be supported at this time.