Auto-remediation notes

Before enabling and configuring auto-remediation options, review the following notes about:

Installing software

Always test patches in a test environment before deployment.

By default, Microsoft® updates are not enabled for automatic deployment. Manually approve each patch (as it is tested) or set all Microsoft® updates as approved.

Uninstalling software

To uninstall software, a 3–stage process is required in order to identify whether the selected application supports silent uninstall:

Stage Description
Stage 1 Select the application to auto–uninstall.
Stage 2 Ensure that application supports silent uninstall. Test this by trying to remotely uninstall the application. This is the validation process.
Stage 3 Setup a scheduled audit that will remove the unauthorized application. This is done automatically (using agents) or manually (agent–less approach).

Auto–remediation and un–installation of un–authorized applications only work with scanning profiles that detect missing patches and/or installed applications.