| title | Automatic Guest Patching for Azure Virtual Machines |
|---|---|
| description | Learn how to automatically patch your Azure Virtual Machines and Scale Sets using Azure Update Manager. This article provides an overview of supported OS images, configuration steps, and best practices for maintaining security compliance through automatic guest patching. |
| ms.service | azure-update-manager |
| author | habibaum |
| ms.author | v-uhabiba |
| ms.date | 03/07/2025 |
| ms.topic | overview |
| ms.update-cycle | 1095-days |
Applies to: ✔️ Linux VMs ✔️ Windows VMs
By enabling automatic guest patching for your Azure Virtual Machines (VMs), you can automatically and securely patch your VMs to ensure they remain compliant with security standards."
Automatic VM guest patching, on-demand patch assessment and on-demand patch installation are supported only on VMs created from images with the exact combination of publisher, offer and sku combinations listed in the supported OS images. Custom images or any other Publisher, Offer, SKU combinations aren't supported. The list of supported images is updated regularly.
Check the list of supported OS images. Don't see your SKU in the list? Request support by filing out Image Support Request.
If automatic VM guest patching is enabled on a VM, then the available Critical and Security patches are downloaded and applied automatically on the VM.
Note
Only x64 operating systems are currently supported. Neither ARM64 nor x86 are supported for any operating system.
For VMs created from customized images even if the Patch orchestration mode is set to Azure Orchestrated/AutomaticByPlatform, automatic VM guest patching doesn't work. We recommend that you use scheduled patching to patch the machines by defining your own schedules or install updates on-demand.
- Learn about the supported regions for Azure VMs and Arc-enabled servers.
- Learn on the Update sources, types managed by Azure Update Manager.
- Know more on supported OS and system requirements for machines managed by Azure Update Manager.
- Learn more on unsupported OS and Custom VM images.
- Learn more on how to configure Windows Update settings to work with Azure Update Manager.
- Learn about Extended Security Updates (ESU) using Azure Update Manager.
- Learn about security vulnerabilities and Ubuntu Pro support.