This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 3%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Hello there,
Any further update on support for CIS hardened images (Windows 2019/2022) in Azure Update Manager?
What's the recommended action if the deadline arrives and the support is not ready?
I saw somewhere else a possible option that would include using a non-cis image, enrolling it in the new Update Management Service, and then using the CIS scripts to harden the image. Is that possible/feasible/supported?
Thanks in advance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
@CelsoScarpim, thank you for posting this question here. I have reached out to team internally regarding this and will update this thread as soon as I have an update.
@AnuragSingh-MSFT Any update on this, please?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 13%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
We too are waiting for ETA on this one. We have started migration of Arc machines to Azure Update Manager but still not sure what to do with CIS images. Hopefully, Microsoft can provide some clear guidance on what we need to do to patch CIS images.
@CelsoScarpim, Could you please share the Offer, Publisher and Sku information of the images for which you are looking for CIS hardened image? For example, consider the following screenshot:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 54%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Please use this form to request support https://forms.microsoft.com/pages/responsepage.aspx?id=v4j5cvGGr0GRqy180BHbR8SQCvBHdBRGmoav-MUl5-hUNjdTUDNRWEI2TkU0Wk1STUNLVzRKREkwMS4u
CelsoScarpim, Arlene Reyes, following up to check if you had a chance to submit the information as required using the form shared by Nikhil?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 86%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EML%3C/text%3E%3C/svg%3E)
I am the product manager at CIS for the CIS Hardened Images. We've been working with the Microsoft Update Manager team to obtain support for the images prior to the August 2024 deprecation date.
I'm very excited to report that the Microsoft Team has provided support for 35 images so far, with 30 more planned. You can find their documentation on the recent tech blog post: https://techcommunity.microsoft.com/t5/azure-governance-and-management/azure-update-manager-to-support-cis-hardened-images-among-other/ba-p/4195864
CIS images should have been supported by the end of July.
However mine are still showing as unsupported.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 28.999999999999996%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELL%3C/text%3E%3C/svg%3E)
same :(
same :(
Hi CelsoScarpim,
Update manager team is working on supporting CIS hardened images in marketplace, as of now there is no ETA as validations are being made.
It is possible to use Update manager on a marketplace vm and then harden it using scripts. Note that in this case Update manager can be used but this scenario is unsupported as currently Azure Update Manager doesn't support hardened images.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 77%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERY%3C/text%3E%3C/svg%3E)
Support for CIS hardened images in Azure Update Manager has been released. Refer to this blog post: https://aka.ms/aum-cis-images-blog