Patching is one of the highest-impact things RMM does, because most cyber incidents exploit known vulnerabilities that simply hadn’t been patched. We run a structured patch programme rather than relying on default Windows Update behaviour.
Specifically:
– Operating system patches (Windows, Windows Server, macOS, Linux) are tested and deployed on a defined cadence — usually weekly for desktops/laptops and monthly with maintenance windows for servers.
– Third-party software — browsers, Adobe, Java, Zoom, Microsoft 365, line-of-business apps — gets the same treatment, which is where most attackers actually get in.
– Firmware and drivers for laptops and key infrastructure are managed on a slower, more careful cycle.
– Emergency patches for critical CVEs are deployed as fast-track changes, often within hours.
Routine housekeeping — reboots, log rotation, temp clean-up, agent health, antivirus definition checks — runs automatically out of hours, so users wake up to a clean, healthy device.