Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Applies to: ✔️ Windows VMs ✔️ Linux VMs ✔️ On-premises environment ✔️ Azure Arc-enabled servers.
This article provides the details on security vulnerabilities and Ubuntu Pro support in Azure Update Manager.
Standard Ubuntu Long-Term Support (LTS) provides security updates for packages in the Main
repository. However, it does not include security patching from Canonical for the thousands of packages in the Universe
repository. This can expose systems to security threats even on a fully patched, supported LTS version.
For systems where the operating system has reached the end of its standard support, such as Ubuntu 20.04 LTS, the risk is higher as security updates are no longer provided for the Main
repository either.
To address potential patching disruptions, you can either migrate to a newer version of LTS or enable Ubuntu Pro. Migrating to a newer LTS version restores standard support for the Main
repository. Enabling Ubuntu Pro provides Expanded Security Maintenance (ESM), which delivers patches for the Universe
repository on all LTS versions (esm-apps
) and extends patching for the Main
repository on systems that are past their standard support window (esm-infra
).
Ubuntu Pro on Azure Update Manager
Azure Update Manager assesses both Azure and Arc-enabled VMs to identify available security updates. It will highlight when an Ubuntu VM has vulnerabilities that can be patched by enabling Ubuntu Pro. This applies to vulnerabilities in the Universe
repository for any LTS version, and to systems past their standard support period. For example, an Ubuntu Server 18.04 LTS instance on Azure Update Manager has information about upgrading to Ubuntu Pro.
You can continue to use the Azure Update Manager capabilities to remain secure after migrating to a supported model from Canonical.
Note
For detailed information on Ubuntu LTS release cycles, end-of-support dates, and official upgrade paths, see the Canonical Ubuntu LTS end of standard support guidance.
- Ubuntu offers 20.04 LTS and 22.04 LTS as a migration from 18.04 LTS. Learn more.
Next steps
-- Learn about the supported regions for Azure VMs and Arc-enabled servers.
- Learn on the Update sources, types managed by Azure Update Manager.
- Know more on supported OS and system requirements for machines managed by Azure Update Manager.
- Learn on Automatic VM guest patching.
- Learn more on unsupported OS and Custom VM images.
- Learn more on how to configure Windows Update settings to work with Azure Update Manager.
- Learn about Extended Security Updates (ESU) using Azure Update Manager.