We published a new version last week!
You can review the full/complete change log in the app under Help > Check for updates > View change log
The Best Windows Patch Management Software & WSUS Tools
We published a new version last week!
You can review the full/complete change log in the app under Help > Check for updates > View change log
One of the cool things about BatchPatch is the feature we call the Job Queue. The Job Queue enables you to create a list of actions which can then be performed sequentially on desired target computers with just a single click to launch the queue. You can create job queues that perform just about any action that BatchPatch is able to perform, but in an automated, sequential way. For example, if you want to run a script, then deploy a software update, then run another script, it’s very simple to do that with the job queue. Once you’ve created the job queue, you can save it so that whenever you need to run it on numerous remote computers, you can just launch the process for all of those computers at the same time in just a single click. Or you can schedule it to run at a particular datetime. In the example below we are going to create a queue that will execute a script, then deploy an application, then execute another script, and then initiate a reboot. It will then wait until the reboot completes, and finally it will perform a download and installation of Windows Updates, and finish it up with a final reboot.
I’ve put my scripts into:
E:\Temp\Scripts\Before.cmd
E:\Temp\Scripts\After.cmd
I’ve put my software installer file into:
E:\Temp\Scripts\Installer.exe
First we have to create a deployment for each script and for the software installer. I’m using Actions > Deploy > Create for each of these. Below you can see a screenshot of each deployment configuration. After creating each deployment, I gave it a title and then used the double-right-arrow button to save it, which added it to the list of Saved Deployments on the right side of the deployment configuration window.
Next we’ll create the Job Queue. I use Actions > Job Queue > Create. The screenshot below shows my Job Queue configuration. I found the three deployments that I created in the lower-left Saved User-Defined Command and Deployments list. I just double-clicked on each one to load it into the Job Queue. The other actions I selected were found in the Special and Actions lists on the left side of the job queue form.
The last thing to do is actually execute the job queue. We select the desired hosts in the grid, and then we use Actions > Job Queue > Execute saved job queues to select the job queue that we just created/saved.
Alternatively, if we wanted to schedule this job queue to execute on a particular day or time, we would select the desired target hosts in the grid and click on Actions > Task Scheduler > Create/modify. Then in the Task Scheduler window, we’d select our Job Queue from the drop-down list of tasks. Then set our date/time and click OK, and finally click the timer/clock icon in the upper-right corner of the BatchPatch main form to turn it from red to green, indicating that the scheduler is enabled.
In the Job Queue window in BatchPatch under Actions > Job queue > Create/modify job queue there is a Special listbox that contains items that can be inserted to a job queue to enable behavior for looping and/or branching. As a start, notice:
Insert label:X
Goto label:X
You can easily insert a Label at any step in your queue, which can be used in conjunction with a Goto. Then during queue’s execution when the Goto is reached, it will instruct execution to jump to wherever the Label is in the queue. For example, the loop below is an example of something that you would never want to do in practice. It’s an infinite loop that just waits 1 minute on each iteration while doing nothing.
However, here is a more useful real world example of what a sysadmin might actually do. The loop in the screenshot below will attempt to download and install updates repeatedly until 0 updates are available for download/install. When 0 updates are available, execution skips to the Label:End. However, if for some reason there are updates available but perhaps failing to install, the loop also ends if it executes 5 times. Note, there is no reboot operation occurring in this loop, so a great add-on would be to put a reboot command as the very last step below Label:End.
There is generally only one reason why a deployment hangs indefinitely, stuck in the ‘Executing’ phase in BatchPatch: You did not use the correct silent/quiet installation parameter for your deployment. As a result, the deployment appears to get stuck, hanging indefinitely. This is because the deployment is actually waiting for user input on the target computer (it might be stuck at a screen that prompts you to click ‘Next’ or click ‘OK’ to continue, for example), but since all deployments run hidden, the user input cannot be provided after execution has begun. Instead the user input has to be provided in the form of a silent or quiet installation parameter. In all cases, we recommend the following:
1: Determine the proper silent/quiet installation parameter for your deployment. This might require consulting the vendor’s documentation for the installer that you are deploying, or it might just require running the installer with a ? or /? switch to see the available options, or even just some good old fashioned experimentation. The screenshot below is just for illustration purposes. Your installer’s help parameter may be different or nonexistent.

2: Test the deployment at the command line WITHOUT using BatchPatch. Run your deployment manually/directly in the cmd.exe prompt on a given test computer so that you can ensure that it works to completion WITHOUT requiring any additional input from you. This means that it needs to run to completion without popping up a window that requires you to click OK or Next or fill out any information before it can proceed. The screenshot below is just for illustration purposes. Your installer’s quiet/silent installation parameters will likely be different.

3: AFTER you have confirmed that your command syntax works correctly to completion at the command line without ever requiring any additional user input, you may then run the deployment inside of BatchPatch, utilizing the same syntax for a quiet/silent installation that you ran successfully outside of BatchPatch. The screenshot below is just for illustration purposes. Your installer’s quiet/silent installation parameters will likely be different.

To schedule a report of the entire grid’s activity to be emailed at a specific time, such as when your Windows updates or patching maintenance window comes to an end on a given day, here’s what to do.


Above we used the default email notification values for our email notification. For most users, this will probably be sufficient. However, some users will want to be able to create multiple different email notifications so that in some cases a notification and/or report can be sent to one recipient group, and in other cases a notification and/or report can be sent to a different recipient group. Here’s how to do that.
If Microsoft has already made the update available to your computer, then unless you are using an old version of BatchPatch (released prior to April 2020), you can deploy Windows Feature Update 25H2 using the standard built-in Windows Update actions in BatchPatch under Actions > Windows updates.
However, there are cases where you might want to deploy the update to your computers after Microsoft has published it for public consumption but before it has been designated for deployment to your individual computers (this can happen because Microsoft does not make the update available to every Windows computer on the planet at the same time– they make it available over a period of time). In the case where the update is publicly available but not yet being offered to your computer, you can still deploy it but you’ll need to use the alternate method that’s explained lower down in this tutorial.
For the typical deployment method, the primary requirement is that the feature update that you wish to install must be offered to the machine and be showing as an available update when you use Actions > Windows updates > Check for available updates in BatchPatch. If you see the 25H2 feature update in that list of available updates for the target computer or group of target computers, then you can just download/install the update on those computers by first modifying the classification filtering in Tools > Settings > Windows Update so that the Include “Upgrades” box is checked.
After the Upgrades classification is selected you can then use Actions > Download available updates in conjunction with Actions > Install downloaded updates or you can just click Actions > Download and install updates. As long as you are operating in standard, non-cached mode in BatchPatch (i.e. cached mode is disabled), feature updates will install (assuming, of course, that you currently have a feature update showing in the list of available updates for a given computer). Note, cached mode is enabled/disabled under Tools > Settings > Windows Update.
Please note there are a couple of things to consider when installing feature updates using the standard non-cached mode BatchPatch update method.
First, as mentioned above, the target computer needs to have the desired feature update showing as one of the available updates for the computer. If you’re expecting to see it but you don’t, it could be because the update is not approved on your WSUS yet, or it could be that you have a Group Policy or Local Policy setting configured for the target computer that is set to defer the installation of feature updates for a specified amount of time. Check your Group Policy configuration for any deferral policies enabled under the following locations:
Computer Configuration > Administrative Templates > Windows Components > Windows Update
Computer Configuration > Administrative Templates > Windows Components > Windows Update > Windows Update for Business
Second, depending at what stage of the rollout Microsoft currently is at the time you attempt to deploy a given feature update, they might not yet be delivering the update through the normal Windows Update channel. They typically begin the rollout with delivery only to “seekers”. This is the name they give to people who manually click on the ‘Check for updates’ button in the Windows Control panel. “Seeker” updates are visible in BatchPatch when you click on ‘Search for only optional software updates‘
Third, over the past couple/few years Microsoft has made quite a few changes to how Windows Update works, particularly with regard to how feature updates are handled. It’s possible that there is some other reason that I didn’t mention above that is the cause for why you are not seeing the feature update available for installation through the normal Windows Update methods.
If you need to deploy feature update version 25H2 (or any other feature update) to target computers that don’t have internet access and don’t have WSUS access and therefore cannot be targeted in standard, non-cached mode (that is to say, you are using either online cached mode or offline cached mode with those target computers, and you are not able to disable cached mode and switch to standard mode for whatever reason), then you may use the method outlined below to deploy the feature update to those computers.



/auto upgrade /quiet |
You should expect that the entire process will take a bit of time to complete. BatchPatch has to copy the whole installation directory to the target computer(s), which contains several gigabytes, before it can execute the upgrade process on the target(s). IMPORTANT: After the BatchPatch deployment completes for a given target computer BatchPatch will show Exit Code: 0 (SUCCESS). However, this just means that the BatchPatch deployment component is finished. The Windows feature update/upgrade process will take additional time. Please be patient and let the target computer continue upgrading and rebooting as many times as is needed. It might take a little while with multiple automatic reboots before everything is 100% finished.
NOTE: We have had a couple of reports from users who received the following error:
Deployment: Error: Access to the path '\\TargetComputer\C$\Program Files\BatchPatch\deployment\autorun.inf' is denied. |
We don’t know the exact cause of this issue, but it seems likely to somehow be related to the way that permissions were applied or inherited during the ISO extraction process. If you encounter this error it can be resolved quickly and easily by just deleting the autorun.inf file from the source directory after extracting the ISO contents but before executing the actual deployment for any target computers. This will prevent the problematic file from ever being copied to target computers. As such, the error will not occur.
Generally speaking, BatchPatch can deploy nearly all applications and third-party updates through the use of BatchPatch’s Deploy feature ( Actions > Deploy ). We have many examples / tutorials posted here: Software Deployment with BatchPatch. However, recently we came across a very rare example where the update in question simply wasn’t fully compatible with the built-in Deploy feature in BatchPatch.
The update file that gave us problems is SQLServer2022-KB5063814-x64.exe. Although the update would be successfully deployed/executed through the use of the BatchPatch Deploy feature, it would show indefinitely as “Executing” even after it had actually completed. Although this wasn’t the end of the world, it left something to be desired, and it required some manual intervention to both determine completion and manually kill residual processes that weren’t closing on their on.
In order to get around this unexpected behavior, we had to approach the deployment in a slightly different way. The steps are outlined below in case they could help someone else in the future.
Title: SQL update execution
Command:
"C:\BatchPatch\deployment\temp\SQLServer2022-KB5063814-x64.exe" /q /IAcceptSQLServerLicenseTerms /Action=Patch /AllInstances |
Title: Delete SQL update file
Command:
cmd.exe /c del "C:\BatchPatch\deployment\temp\SQLServer2022-KB5063814-x64.exe" /F /Q |
In the lower left corner of the Job Queue window you’ll find the three commands that you just created. Double click on them to add them to a new job queue in the following order (order shown below). Then save the job queue by using the >> button:
-Copy SQL update
-SQL update execution
-Delete SQL update file
See the screenshot below for exactly what it should look like:
The file is copied to the target computer. The update is applied successfully. Then the file is deleted successfully.

We published a new build recently.
–You can now generate consolidated reports of available updates from within the job queue and task scheduler
–You can now run Download offline updates repository from within the job queue and task scheduler
–You can now export a sanitized copy of the grid
–BatchPatch now includes a built-in workaround for the CopyToCache failure/error that users have been seeing in the latest versions of Windows 11. This workaround can be enabled under Tools > Settings > Windows Update > Automatically apply offline mode workaround for CopyToCache error (beta)
To view the rest of the changes/updates/fixes, please look in the software under Help > Check for updates > View change log
You can use BatchPatch to upgrade your target computers from Windows 10 to Windows 11 by following the process outlined below. For this example I upgraded from a new Windows 10 22H2 installation to a Windows 11 24H2 installation, but the process should generally work for any release of Windows 10 to 11, and you can perform the deployment on numerous target machines simultaneously.
At the time of this writing, you can obtain the Windows 11 ISO from https://www.microsoft.com/en-us/software-download/windows11. In the past if you wanted an ISO file you would first have to download the Windows Media Creation Tool first (also available from the same link), and then you could run the media creation tool to obtain the ISO, but now they also have a direct link for the ISO file, which makes the process quicker and simpler.
To perform the extraction you can either use a tool like 7-zip to directly extract the contents,

or you can instead mount the ISO in Windows by browsing to the file, right-clicking on it, and then selecting the Mount option.
by selecting the desired target computers in the grid, and then clicking on Actions > Deploy > Create/modify deployment….
Click on the … button to browse to the location of your setup.exe file, which will be inside of the folder where you extracted the Windows 11 ISO contents.
Next, check the two boxes below that field to Copy entire directory and Leave entire directory.
The Target working directory is where BatchPatch will copy the installation files to on the target computer. In this case since we have to use the setting to Leave entire directory, you could change this location if you want. The reason we have to leave the entire directory at the end of the deployment is because Windows will still need it to complete the setup process when the machine is rebooted. Once the target computer has rebooted and completed the Windows 11 setup process, you may delete the contents of the directory.
Lastly, make sure your Parameters field is identical to mine. It should contain the following text:
/auto upgrade /quiet /EULA accept |
At this point you can save the deployment configuration with the double-right-arrow >> button. If you want to execute the deployment immediately on the selected target hosts in the grid, click Execute now in the deployment configuration window. Alternatively if you save the deployment for execution at a later time, you’ll be able to execute it directly from the Actions menu by selecting the desired target hosts in the grid and clicking on Actions > Deploy > Execute saved deployments

