1. Splashtop Business - Support
  2. Usage & Deployment
  3. Endpoint Management Features

OS Patch in Endpoint Policies

Avatar
Support

The OS Patch section within Endpoint Policies allows administrators to configure and manage OS update behaviors on remote computers. This powerful tool helps users define patching schedules, set approval rules, manage reboot options, and more—ensuring that devices are up-to-date and secure with minimal manual intervention. Here’s how to set up and manage OS Patch in Endpoint Policies.

Start with the interactive demo to walk through key setup steps and core workflows:

Interactive Demo

Or use this guide below to explore our OS Patching and features with detailed screenshots.
 

Supported Subscriptions

Your team must have Splashtop Autonomous Endpoint Management (AEM) enabled.

Requirements

Windows streamer must be version 3.7.4.2 and up.

Mac Streamer must be version 3.8.0.0 and up.

How to use OS Patch in Endpoint Policies

1. Accessing OS Patch in Endpoint Policies
 

To access the OS Patch page within Endpoint Policies:

  1. Log in to the Splashtop web console (Global/EU/OC).
  2. Navigate to Automation > Endpoint Policies.
  3. Click Create Policy or Edit for the selected policy to enter the OS Patch section to configure update settings.
    Snipaste_2025-03-26_18-44-55_en-us.png
2. Update Settings
 

The Update Settings section allows users to define how OS updates are handled on managed devices with the following options:

  • Let OS install updates automatically
  • Download updates but let me choose whether to install them (Default)
  • Check for updates but let me choose whether to download and install them

Snipaste_2025-11-18_16-55-24.png_en-us.png 

 

3. Scan Schedule
 

This section allows you to define when the system should check for available updates.

Snipaste_2025-03-31_17-18-54_en-us.png

Snipaste_2025-03-31_17-20-31_en-us.png

  • Daily: Set a specific time (default: 02:00).
  • Weekly: Select the day(s) of the week and time (default: Monday, 02:00).
  • Monthly: Select the date(s) and time (default: 1st, 02:00)
  • Scan immediately if a computer missed the prior scheduled task: This option takes effect only from the next scheduled scan time if the policy was newly created or recently modified.
4. Approvals, Core Updates, and Patch Overrides 
 

Note: The availability of features under Approvals, Core Updates, and Patch Overrides differs between Windows and macOS:

  • Windows: Supports all features — Approvals, Core Updates, and Patch Overrides.
  • macOS: Supports only limited update management. Core Updates and Patch Overrides are not available for macOS devices at the moment.
  • In the Approvals section, administrators can set up approval rule based on patch importance (Important or Optional): 
    Windows:
    Snipaste_2025-07-04_14-46-32_en-us.png
    Mac:
    Snipaste_2025-11-18_17-16-24.png_en-us.png

    • Approve: The update will be approved and installed at the scheduled time.

    • Manual: The update will remain pending, allowing users to decide whether to install it.

    • Ignore: The update will be ignored when available.

  • Starting with Windows streamer version 3.7.4.3, the Core Updates feature enables you to perform major Windows upgrades—such as moving from Windows 10 to 11 or from 22H1 to 22H2. These updates involve significant OS changes and typically take longer than regular updates. You can now manage and deploy Core Updates directly from the Splashtop console for better control and visibility across your devices.
    Snipaste_2025-07-04_14-58-52_en-us.png
  • In Patch Overrides, administrators can create exceptions for specific updates:
    Snipaste_2025-04-01_21-55-15_en-us.png
    • Click Add and enter the KB number of the update along with a description.Snipaste_2025-04-01_21-58-03_en-us.pngSnipaste_2025-04-01_21-58-28_en-us.pngSnipaste_2025-04-01_22-05-29_en-us.pngSnipaste_2025-04-01_21-59-18_en-us.png
  • Once added, assign a different approval status for the specific KB update.Snipaste_2025-04-01_21-59-41_en-us.png
5. Update Schedule
 

The Update Schedule section defines when approved OS patches are installed:

Snipaste_2025-04-01_22-18-37_en-us.png

  • Schedule installation: Set specific days and times for updates
  • Postpone updates: Delay installation for a specified period to minimize disruption.
  • Install updates immediately: Apply patches as soon as they are approved.
6. Reboot Options
 

The Reboot Options section determines how devices handle restarts after installing an OS patch:
Snipaste_2025-04-01_22-20-22_en-us.png

  • Auto-restart if required: The system reboots automatically after the update, with a delay of 15, 30, 45, or 60 minutes after completion.
    • Notify user about the reboot if a user is logged in: Set up when to send the notification, log out the user without notification, or skip the reboot.
  • Reboot immediately after completing the update: The system will restart automatically right after the update is installed.

 

Summary 

The OS Patch section in Endpoint Policies is a versatile tool that allows administrators to configure and automate the management of operating system updates across remote endpoints. By customizing update schedules, approval processes, and reboot options, users can ensure that devices remain up-to-date and secure with minimal manual intervention.

1 out of 5 found this helpful

Articles in this section

See more