| title | Azure Update Manager update sources, and types |
|---|---|
| description | This article provides information on update sources, update types, Microsoft updates and Third party updates for managing updates on your Azure VMs and servers. |
| ms.service | azure-update-manager |
| author | habibaum |
| ms.author | v-uhabiba |
| ms.date | 02/26/2025 |
| ms.topic | overview |
| ms.update-cycle | 1095-days |
This article provides detailed information on the supported update sources, update types, Microsoft application and Third party updates that can be managed using Azure Update Manager.
Azure Update Manager honors the update source settings on the machine and will fetch updates accordingly. AUM doesn't publish or provide updates. For more information, see the supported update sources.
The following types of updates are supported.
Operating system updates - Azure Update Manager supports operating system updates for both Windows and Linux.
Note
Update Manager allows you to view driver updates during assessment but doesn't currently support installing driver updates on your machines.
By default, the Windows Update client is configured to provide updates only for the Windows operating system.
If you enable the Give me updates for other Microsoft products when I update Windows setting, you also receive updates for other Microsoft products. Updates include security patches for Microsoft SQL Server and other Microsoft software.
Use one of the following options to perform the settings change at scale:
• For all Windows Servers running on an earlier operating system than Windows Server 2016, run the following PowerShell script on the server you want to change:
$ServiceManager = (New-Object -com "Microsoft.Update.ServiceManager")
$ServiceManager.Services
$ServiceID = "7971f918-a847-4430-9279-4a52d1efe18d"
$ServiceManager.AddService2($ServiceId,7,"")
• For servers running Windows Server 2016 or later, you can use Group Policy to control this process by downloading and using the latest Group Policy Administrative template files.
Note
Run the following PowerShell script on the server to disable Microsoft applications updates:
$ServiceManager = (New-Object -com "Microsoft.Update.ServiceManager")
$ServiceManager.Services
$ServiceID = "7971f918-a847-4430-9279-4a52d1efe18d"
$ServiceManager.RemoveService($ServiceId)
Azure Update Manager uses the locally configured update repository to update supported Windows systems. These repositories can be Windows Update or WSUS. When you use WSUS, import and publish third-party applications and custom updates to WSUS.
Third party application updates are supported in Azure Update Manager. If you include a specific third party software repository in the Linux package manager repository location, it's scanned when it performs software update operations. The package isn't available for assessment and installation if you remove it.
As Update Manager depends on your machine's OS package manager or update service, ensure that the Linux package manager or Windows Update client is enabled and can connect with an update source or repository. If you're running a Windows Server OS on your machine, see Configure Windows Update settings.
- Learn about the supported regions for Azure VMs and Arc-enabled servers.
- Know more on supported OS and system requirements for machines managed by Azure Update Manager.
- Learn on Automatic VM guest patching.
- Learn more on unsupported OS and Custom VM images.
- Learn more on how to configure Windows Update settings to work with Azure Update Manager.
- Learn about security vulnerabilities and Ubuntu Pro support.
- Learn about Extended Security Updates (ESU) using Azure Update Manager.