I am working on a set of policies when zero day patches happen. Something I could not figure out is how to target multiple specific patches in one policy. I did create multiple advanced polices targeting the patches and ran those. Is there something that I missing or is there a better way to do this.
Best answer by JohnG-AutomoxView original
The Patch Only policy will allow you to target multiple KBs using the Package Targeting filter.
You can add as many packages as you’d like to this list:
Please note that the KBs or packages must first be available for the devices in Windows Update before they will appear in the Package Targeting list.
This is a great way to separate out a Policy that only patches specific packages. The Windows Security Definitions, Servicing Stack, or Feature Updates are a great example of this!
You can learn more about the Patch Only policy here: https://help.automox.com/hc/en-us/articles/5775441950356-Creating-a-Patch-Policy#CreatingaPatchPolicy-PatchOnly
For out of band packages that are not available via Windows Update natively, you can use a custom worklet for enforcing deployment.
Here are some examples of that,
I hope this helps. Have a great day!