Let’s learn about know issues related to the Azure Virtual Desktop patching issue. This issue only applies to AVD (a.k.a) virtual machines managed using SCCM (Configuration Manager) and WSUS. The patching issue is only impacting Windows 10 Enterprise multi-session, version 1909.
If you manage Azure Virtual Desktop (AVD) with Intune and Windows update for business (WUfB), this issue doesn’t impact Intune-managed AVD session hosts. Azure Virtual Desktops may not download and update via SCCM and Windows Server Update Services (WSUS).
Microsoft is still investigating this issue to find more details. You can try using the offline method to work around the patch issue. You can try importing patches to WSUS manually using the following method.
NOTE! – The issue (“You’re up to date“) with AVD patching using SCCM explained in this article is resolved with KB5005566. Thanks to Tony Bowe for sharing this information. More details are in the below section of the post.
Issue Azure Virtual Desktop Patching
The AVD patching issue is observed in the Settings app under the Windows Update setting, which will display the message “You’re up to date” even if no updates later than May 2021 have been installed.
- Windows 10 Enterprise multi-session, version 1909.
Windows Server multi-session, version 1909(I’m not sure whether this OS is supported in AVD scenario).
Workaround Azure Virtual Desktop Patching Issue
There is no resolution of the fix for the AVD session host patching issue as per Microsoft details. However, Microsoft provided a workaround to fix the AVD patching issue.
There are 2 alternatives to a workaround for this issue.
- Create an updated image for AVD Windows 10 mutli-session update with latest Windows updates.
- Download monthly security updates – More details – https://support.microsoft.com/en-us/topic/kb5004926-download-windows-10-version-1909-monthly-security-updates-for-windows-10-enterprise-multi-session-version-1909-3f670ebe-d3f9-4b9e-af64-16c177612bc7
Fix AVD Azure Virtual Desktop Patching Issue using SCCM
The issue where devices were running Windows 10 Enterprise multi-session, version 1909 might not download updates later than May 2021. This is observed in the Settings app under the Windows Update setting, which will display the message “You’re up to date” even if no updates later than May 2021 have been installed.
Microsoft fixed the patching issue with AVD Azure Virtual Desktop when using SCCM/WSUS for patching Windows 10 multi-session VMs. The following hotfix fixed the issue as per Microsoft documentation KB5005566.
More details – https://docs.microsoft.com/en-us/windows/release-health/status-windows-10-1909#1643msgdesc