Azure Update Manager KBIDs inclusions in a maintenance configurations for a VM Patching

Question

Azure Update Manager KBIDs inclusions in a maintenance configurations for a VM Patching

Garg,Srishti 40

I have onboarded Azure Update Manager to patch windows/linux servers based on customer managed schedule as per different maintenance configurations. Now as I am doing patching after microsoft release its updates so previous months updates are getting superseded by new updates. To resolve this, I want to include specific previous months patches to the existing schedule using either powershell or maintenance configurations (used below powershell cmdlet for).
I tried testing it manually, adding KBIDs, to include in an existing schedule and also through one time update but it didn't worked.
I need help to understand if it is feasible to implement. Can we do these inclusions ?If yes, help me with the ideal process.

Also I have enabled periodic assessment on the VMs. How can we reduce the frequency of VM patching assessments? User's image

Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-18T00:31:30.8466667+00:00

Hi Garg,Srishti

To include specific previous month's patches (KBIDs), you can use the "Include KB ID/package" option when configuring your maintenance configurations in Azure Update Manager. This feature allows you to add one or more KB IDs or package names manually. Once entered, you’ll be able to preview the selected updates in the "Selected Updates" section to ensure they are properly recognized and will be included in the patching process.

If you're encountering issues when adding KBIDs—either manually or via PowerShell—please ensure that:

The syntax used for each KBID is correct.

The KBIDs are still available and applicable to the OS versions on the target VMs.

The VMs are reporting properly to Azure Update Manager and are in a supported state.

Additionally, if you receive errors or the KBIDs are not being applied as expected, I recommend reviewing the logs or activity history in Azure Update Manager to identify any specific errors that may help pinpoint the cause.

Regarding the frequency of VM patching assessments, while the default assessment schedule is handled by Azure Update Manager, current configuration options to reduce or modify the frequency directly are limited.

https://learn.microsoft.com/en-us/azure/update-manager/deploy-updates?tabs=install-single-overview%2Cinstall-scale-overview#install-updates-on-a-single-vm
https://learn.microsoft.com/en-us/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview%2Cwindows-maintenance#schedule-recurring-updates-on-a-single-vm

https://learn.microsoft.com/en-us/azure/update-manager/troubleshoot?tabs=azure-machines#resolution-6
let us know if any help, we will always help as you needed.!

If the comment is helpful, please click "Upvote it".
Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-18T17:56:22.24+00:00

Hi Garg,Srishti
If you had a chance to see my Answer to your question. If it was helpful, please click "Upvote" and ''accept answer'' on my post let us know Thank you...!
Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-21T18:20:39.1833333+00:00

Hi Garg,Srishti
We haven't heard back from you. Please reply if you have any questions in this matter and we will gladly continue the discussion.
Garg,Srishti 40 Reputation points

2025-04-22T06:38:34.0666667+00:00
Hi @Pranay Reddy Madireddy
Have few more queries. Can you please help me with these?

Will this(KBIDs inclusion) work on a existing maintenance configuration?

Should KBIDs be included in the pending updates catalog or it will install despite not being in the catalog?

Is there any alternative to install missing updates that got superseded with new patch release on every month's second tuesday? I can see gaps in my machines and missing with previous month's update.

Accepted answer

0 additional answers

Your answer

Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-18T00:31:30.8466667+00:00

Hi Garg,Srishti

To include specific previous month's patches (KBIDs), you can use the "Include KB ID/package" option when configuring your maintenance configurations in Azure Update Manager. This feature allows you to add one or more KB IDs or package names manually. Once entered, you’ll be able to preview the selected updates in the "Selected Updates" section to ensure they are properly recognized and will be included in the patching process.

If you're encountering issues when adding KBIDs—either manually or via PowerShell—please ensure that:

The syntax used for each KBID is correct.

The KBIDs are still available and applicable to the OS versions on the target VMs.

The VMs are reporting properly to Azure Update Manager and are in a supported state.

Additionally, if you receive errors or the KBIDs are not being applied as expected, I recommend reviewing the logs or activity history in Azure Update Manager to identify any specific errors that may help pinpoint the cause.

Regarding the frequency of VM patching assessments, while the default assessment schedule is handled by Azure Update Manager, current configuration options to reduce or modify the frequency directly are limited.

https://learn.microsoft.com/en-us/azure/update-manager/deploy-updates?tabs=install-single-overview%2Cinstall-scale-overview#install-updates-on-a-single-vm
https://learn.microsoft.com/en-us/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview%2Cwindows-maintenance#schedule-recurring-updates-on-a-single-vm

https://learn.microsoft.com/en-us/azure/update-manager/troubleshoot?tabs=azure-machines#resolution-6
let us know if any help, we will always help as you needed.!

If the comment is helpful, please click "Upvote it".
Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-18T17:56:22.24+00:00

Hi Garg,Srishti
If you had a chance to see my Answer to your question. If it was helpful, please click "Upvote" and ''accept answer'' on my post let us know Thank you...!
Pranay Reddy Madireddy 4,510 Reputation points Microsoft External Staff Moderator

2025-04-21T18:20:39.1833333+00:00

Hi Garg,Srishti
We haven't heard back from you. Please reply if you have any questions in this matter and we will gladly continue the discussion.
Garg,Srishti 40 Reputation points

2025-04-22T06:38:34.0666667+00:00

Hi @Pranay Reddy Madireddy
Have few more queries. Can you please help me with these?

Will this(KBIDs inclusion) work on a existing maintenance configuration?

Should KBIDs be included in the pending updates catalog or it will install despite not being in the catalog?

Is there any alternative to install missing updates that got superseded with new patch release on every month's second tuesday? I can see gaps in my machines and missing with previous month's update.

Answer 1

Hi Garg,Srishti

Will KBIDs inclusion work on an existing maintenance configuration?

Yes, it will. Go to the maintenance configuration, click on Updates, and include the required KBID(s).

Should KBIDs be included in the pending updates catalog or will it install even if not in the catalog?

Once the KBID is added to the maintenance configuration, it will be installed during the next scheduled run, along with other pending updates—even if it’s not currently listed in the catalog. (as long as it's still applicable and available from Windows Update or WSUS).

3. Is there an alternative to install missing updates that were superseded by newer patches released on Patch Tuesday?

If you’re noticing gaps or missing updates from previous months, there are two approaches:

Recommended: Schedule your maintenance configuration after the second Tuesday of every month (Patch Tuesday) to ensure all updates, including superseded ones, are considered.

Alternative: Refer to the official Microsoft documentation for monthly updates. Then, check the update history on the VM and manually include any missing KBIDs in the existing maintenance configuration.

User's image

Please let me know if you face any challenge here, I can help you to resolve this issue further

Please provide your valuable comments User's image

Please do not forget to "Accept the answer” and “upvote it” wherever the information provided helps you, this can be beneficial to other community members.it would be greatly appreciated and helpful to others.

Share via

Azure Update Manager KBIDs inclusions in a maintenance configurations for a VM Patching

0 additional answers

Your answer