Wake up asset to apply windows updates

REQUEST: to have a tick box on the WIndows Updates policy, that would give us the ability to wake a machine up at the scheduled time.

REASON: (1) We would be able to ensure ALL machines are awake to be patched and/or restarted at the time specified, meaning we don’t ahve to worry about end-users that have put their machines to sleep. (2) it would avoid the “my machine is doing updates, please cancel them” phone calls the next morning if the client has shut down instead of leaving their machines on. (3) it would allow machines to be patched during out-of-hours without increasing possible attack surface (that is, machines awake for a threat actor to get hold of - if they’re only woken up just before the secheduled time, they can’t be accessed either :slight_smile: ). Being able to turn machines on, update, and restart till they’re done would make happier end-users and that makes tech’s lives easier!

There could be two ways to accomplish this: WoL or creating a scheduled task to wake the asset. Ideally, i’d prefer the second option simply because sometimes devices aren’t always on the same subnet for a WoL to work.

5 Likes

Critical for us - we need to wake multiple machines from multiple clients on evenings to apply updates - doing it one by one is just not possible -

See my suggestion here: